ipaservice: Handle smb services as other services.

In current implementation, when using `smb: yes`, only a small subset of the attributes can be used in the playbook. This happened due the use of `service_add_smb`, which adds a new service and does not modify an existing one, and not coping with attributes not supported by this IPA API call. The implementation was modified so that a service with `smb: true` is treated like any other service, which, in effect, simplified and fixed service search, and allowed for the use of the same attributes as with any service. Although simplified, when using `smb: true` an extra query is done against the LDAP server, as a second `service_show` is performed. Tests have been updated to reflect the new imprlementation.
2026-06-09 18:25:53 +00:00 · 2021-05-19 19:37:44 -03:00
parent aa05e4a548
commit debdef1993
3 changed files with 74 additions and 30 deletions
--- a/tests/service/test_service.yml
+++ b/tests/service/test_service.yml
@@ -469,6 +469,7 @@
        ipaservice:
          ipaadmin_password: SomeADMINpassword
          name: "{{ host1_fqdn }}"
+          pac_type: NONE
          smb: yes
          netbiosname: SAMBASVC
        register: result
@@ -478,11 +479,42 @@
        ipaservice:
          ipaadmin_password: SomeADMINpassword
          name: "{{ host1_fqdn }}"
+          pac_type: NONE
          smb: yes
          netbiosname: SAMBASVC
        register: result
        failed_when: result.changed or result.failed

+      - name: Modify SMB service.
+        ipaservice:
+          ipaadmin_password: SomeADMINpassword
+          name: "{{ host1_fqdn }}"
+          smb: yes
+          netbiosname: SAMBASVC
+          allow_retrieve_keytab_user:
+            - user01
+            - user02
+          allow_retrieve_keytab_group:
+            - group01
+            - group02
+        register: result
+        failed_when: not result.changed or result.failed
+
+      - name: Modify SMB service, again.
+        ipaservice:
+          ipaadmin_password: SomeADMINpassword
+          name: "{{ host1_fqdn }}"
+          smb: yes
+          netbiosname: SAMBASVC
+          allow_retrieve_keytab_user:
+            - user01
+            - user02
+          allow_retrieve_keytab_group:
+            - group01
+            - group02
+        register: result
+        failed_when: result.changed or result.failed
+
      - name: Ensure SMB service is absent.
        ipaservice:
          ipaadmin_password: SomeADMINpassword