Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
infra
ansible-shared
samba
Commits
a1fb07a1
Commit
a1fb07a1
authored
Jun 01, 2017
by
Lars Beckers
Browse files
ensure no passwords are logged
parent
1793f1d7
Changes
2
Hide whitespace changes
Inline
Side-by-side
ad-auth/tasks/sssd.yml
View file @
a1fb07a1
...
...
@@ -30,6 +30,7 @@
-
name
:
get a kerberos ticket
shell
:
echo "{{ lookup('passwordstore', 'samba-admin') }}" | kinit Administrator
when
:
debian_version == "jessie"
no_log
:
True
-
name
:
ensure pexpect is installed
apt
:
name=python-pexpect state=installed
when
:
debian_version == "stretch"
...
...
@@ -39,6 +40,7 @@
responses
:
"
Password
for
Administrator.*"
:
"
{{
lookup('passwordstore',
'samba-admin')
}}"
when
:
debian_version == "stretch"
no_log
:
True
-
name
:
leave any other realm
command
:
realm leave
register
:
result
...
...
ad-server/tasks/main.yml
View file @
a1fb07a1
...
...
@@ -32,6 +32,7 @@
local_action
:
pass name="samba-admin" state=present generate=20 store=FSMPI_PASSWORD_STORE_DIR limit=yes
register
:
adminpass
when
:
domain_provisioned.stat.exists == False
no_log
:
True
tags
:
-
ad-server
-
domain-provision
...
...
@@ -44,6 +45,7 @@
-
name
:
ensure domain is provisioned
shell
:
samba-tool domain provision --use-rfc2307 --domain={{ smb_domain }} --server-role=dc --host-name={{ ansible_hostname }} --realm={{ REALM }} --dns-backend=NONE --adminpass={{ adminpass.password }} 2> /root/smb-provision.log
when
:
domain_provisioned.stat.exists == False
no_log
:
True
tags
:
-
ad-server
-
domain-provision
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment