Enrollment for a host in an IPA domain

This will create a host service principal and may create a host entry (for
admins).  A keytab will be generated, by default in /etc/krb5.keytab
If no kerberos credentails are available then enrollment over LDAPS is used
if a password is provided.

This change requires that openldap be used as our C LDAP client. It is much
easier to do SSL using openldap than mozldap (no certdb required). Otherwise
we'd have to write a slew of extra code to create a temporary cert database,
import the CA cert, ...

daemons/ipa-slapi-plugins/ipa-enrollment/Makefile.am

@@ -0,0 +1,42 @@
+NULL =
+
+INCLUDES =							\
+	-I.							\
+	-I$(srcdir)						\
+	-DPREFIX=\""$(prefix)"\" 				\
+	-DBINDIR=\""$(bindir)"\"				\
+	-DLIBDIR=\""$(libdir)"\" 				\
+	-DLIBEXECDIR=\""$(libexecdir)"\"			\
+	-DDATADIR=\""$(datadir)"\"				\
+	$(MOZLDAP_CFLAGS)					\
+	$(KRB5_CFLAGS)						\
+	$(WARN_CFLAGS)						\
+	$(NULL)
+
+plugindir = $(libdir)/dirsrv/plugins
+plugin_LTLIBRARIES = 			\
+	libipa_enrollment_extop.la	\
+	$(NULL)
+
+libipa_enrollment_extop_la_SOURCES = 	\
+	ipa_enrollment.c		\
+	$(NULL)
+
+libipa_enrollment_extop_la_LDFLAGS = -avoid-version
+
+libipa_enrollment_extop_la_LIBADD = 	\
+	$(MOZLDAP_LIBS)			\
+	$(NULL)
+
+appdir = $(IPA_DATA_DIR)
+app_DATA =			\
+	enrollment-conf.ldif	\
+	$(NULL)
+
+EXTRA_DIST =			\
+	$(app_DATA)		\
+	$(NULL)
+
+MAINTAINERCLEANFILES =		\
+	*~			\
+	Makefile.in