Enrollment for a host in an IPA domain

This will create a host service principal and may create a host entry (for admins). A keytab will be generated, by default in /etc/krb5.keytab If no kerberos credentails are available then enrollment over LDAPS is used if a password is provided. This change requires that openldap be used as our C LDAP client. It is much easier to do SSL using openldap than mozldap (no certdb required). Otherwise we'd have to write a slew of extra code to create a temporary cert database, import the CA cert, ...
2025-02-25 18:55:28 -06:00 · 2009-09-14 17:04:08 -04:00
parent 4f4d57cd30
commit d0587cbdd5
19 changed files with 1578 additions and 82 deletions
--- a/ipa-client/Makefile.am
+++ b/ipa-client/Makefile.am
@@ -22,6 +22,7 @@ INCLUDES =							\

 sbin_PROGRAMS =			\
 	ipa-getkeytab		\
+	ipa-join		\
 	$(NULL)

 ipa_getkeytab_SOURCES =		\
@@ -36,6 +37,20 @@ ipa_getkeytab_LDADD = 		\
 	$(POPT_LIBS)		\
 	$(NULL)

+ipa_join_SOURCES =		\
+	config.c		\
+	ipa-join.c		\
+	$(NULL)
+
+ipa_join_LDADD = 		\
+	$(KRB5_LIBS)		\
+	$(OPENLDAP_LIBS)	\
+	$(SASL_LIBS)		\
+	$(CURL_LIBS)		\
+	$(XMLRPC_LIBS)		\
+	$(POPT_LIBS)		\
+	$(NULL)
+
 SUBDIRS =			\
 	firefox			\
 	ipaclient		\