Mskalka Kerberos Keytab
- By Michael Skalka
- Security
Channel | Revision | Published | Runs on |
---|---|---|---|
latest/stable | 7 | 19 Mar 2021 |
juju deploy mskalka-kerberos-keytab
Deploy universal operators easily with Juju, the Universal Operator Lifecycle Manager.
Platform:
-
admin-server-address | string
IP Address or hostname of the remote admin server.
-
domain | string
Default: EXAMPLE.COM
Kerberos domain. Currently only supports a single entry.
-
kdc-address | string
IP Address or hostname of the remote KDC or Kerberos enabled AD server.
-
principal | string
Default: host/{hostname}
principal to use when adding the server, e.g. "host/HOSTNAME.example.com" This variable is templated. You can use the following variable substitutions {hostname} - the output of 'hostname -f' with no additional casing {fqdn} - lower-cased FQDN of the node {FQDN} - upper-cased FQDN of the node {short} - lower-cased short name of the node {SHORT} - upper-cased short name of the node
-
realm | string
Default: EXAMPLE.COM
Kerberos Realm. Currently only supports a single entry.
-
skip-kinit | boolean
Set true to skip 'kinit' and 'krenew' commands and only write /etc/krb5.conf and the supplied keytab to /etc/krb5.keytab
-
ticket-renewal-interval | int
Default: 60
Duration in minutes for ticket renewal.
-
user | string
Default: ubuntu
Local user to perform domain join under, defaults to ubuntu.