Commit fd397dfc authored by Hinrikus Wolf's avatar Hinrikus Wolf
Browse files

Merge branch 'th/ad-auth-renew_krb5' into 'master'

ad-auth: Allow overriding DC and syncing w/ Samba in renew_krb5

See merge request !4
parents 34f78a9d 087965dc
Pipeline #3064 passed with stage
in 1 minute and 7 seconds
......@@ -3,3 +3,7 @@
ad_admin_group: admin
ad_admin_password: samba-admin
ad_admin_password_content: "{{ lookup('passwordstore', ad_admin_password) }}"
# Set this to force a specific DC for the renew_krb5 cron job
# ad_auth_renew_force_dc: dc.example.org
# Sync client credentials with Samba (i.e., winbindd)
ad_auth_sync_samba: false
#!/bin/bash
/usr/sbin/adcli update -D {{ domain }}
/usr/sbin/adcli update \
{% if ad_auth_renew_force_dc is defined %}
-S {{ ad_auth_renew_force_dc }} \
{% endif %}
{% if ad_auth_sync_samba %}
--add-samba-data \
{% endif %}
-D {{ domain }}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment