mirror of
https://github.com/freeipa/ansible-freeipa.git
synced 2026-06-10 02:35:54 +00:00
c824cf6745
When ipahost is run to generate an OTP and the host is already existing, the OTP is properly generated but ipa-join will fail if the host is already enrolled (ie when it has a keytab). Add a step calling ipa host-disable to erase OTP and keytab before requesting an OTP.