Does IPA support the use of additional ACL's in kadm5.acl to allow custom tools to add Kerberos Principals
Issue
- adding principals using the gui works file.
- ipa server-add works too
- What happens to block me are most likely the kdc acl's
- The tool im using to add principals (Hortonworks Ambari) is using direct kadmin commands.
- We can probably fix this by extending the kadm5.acl file.
- However before doing this we would like to verify if this is a supported way to add stuff to IPA.
- And if not, what is the recommended way to deal with tooling that wants or needs to add principals and uses a generic way (kadmin commands) of doing so
Environment
- Red Hat Enterprise Linux (RHEL) 7
- IPA
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
