internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-06-23 09:14:43 +00:00
Code Issues Projects Releases Wiki Activity

ipaclient/tasks/install.yml: Save and restore ipaadmin_password with OTP

Browse Source 
The generated OTP password is stored into ipaadmin_password. The original
password is now saved and restored later on again.

This fixes the failure with incorrect password while installing the client
part in a replica deployment.
This commit is contained in:
Thomas Woerner
2019-05-31 17:22:56 +02:00
parent be04079fc7
commit 9397776501
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
roles/ipaclient/tasks/install.yml
View File

@@ -138,6 +138,7 @@
- name: Install - Store the previously obtained OTP - name: Install - Store the previously obtained OTP
no_log: yes no_log: yes
set_fact: set_fact:
ipaadmin_orig_password: "{{ ipaadmin_password }}"
ipaadmin_password: "{{ result_ipaclient_get_otp.host.randompassword ipaadmin_password: "{{ result_ipaclient_get_otp.host.randompassword
if result_ipaclient_get_otp.host is defined }}" if result_ipaclient_get_otp.host is defined }}"
@@ -347,6 +348,12 @@
not ipaclient_allow_repair | bool and not ipaclient_force_join | bool) not ipaclient_allow_repair | bool and not ipaclient_force_join | bool)
always: always:
- name: Install - Restore original admin password if overwritten by OTP
no_log: yes
set_fact:
ipaadmin_password: "{{ ipaadmin_orig_password }}"
when: ipaclient_use_otp | bool and ipaadmin_orig_password is defined
- name: Cleanup leftover ccache - name: Cleanup leftover ccache
file: file:
path: "/etc/ipa/.dns_ccache" path: "/etc/ipa/.dns_ccache"