freeipa / freeipa.ansible_freeipa / 1.11.1 / module / ipaserver_setup_krb Setup KRB Authors: Thomas Woerner (@t-woerner) preview | supported by communityfreeipa.ansible_freeipa.ipaserver_setup_krb (1.11.1) — module
Install with ansible-galaxy collection install freeipa.ansible_freeipa:==1.11.1
collections: - name: freeipa.ansible_freeipa version: 1.11.1
Setup KRB
idmax: description: The max value for the IDs range (default idstart+199999) required: true type: int realm: description: Kerberos realm name of the IPA deployment required: true type: str domain: description: Primary DNS domain of the IPA deployment required: true type: str idstart: description: The starting value for the IDs range (default random) required: true type: int hostname: description: Fully qualified name of this host required: false type: str password: description: Admin user kerberos password required: true type: str setup_ca: default: false description: Configure a dogtag CA required: false type: bool no_pkinit: default: false description: Disable pkinit setup steps required: false type: bool setup_dns: default: false description: Configure bind with our zone required: false type: bool setup_kra: default: false description: Configure a dogtag KRA required: false type: bool ca_subject: description: The installer ca_subject setting required: false type: str no_reverse: default: false description: Do not create new reverse DNS zone required: false type: bool dm_password: description: Directory Manager password required: true type: str no_host_dns: default: false description: Do not use DNS for hostname lookup during installation required: false type: bool ip_addresses: description: List of Master Server IP Addresses elements: str required: false type: list subject_base: description: The certificate subject base (default O=<realm-name>). RDNs are in LDAP order (most specific RDN first). required: false type: str no_hbac_allow: default: false description: Don't install allow_all HBAC rule required: false type: bool reverse_zones: description: The reverse DNS zones to use elements: str required: false type: list setup_adtrust: default: false description: Configure AD trust capability required: false type: bool auto_forwarders: default: false description: Use DNS forwarders configured in /etc/resolv.conf required: false type: bool master_password: description: kerberos master password (normally autogenerated) required: true type: str _pkinit_pkcs12_info: description: The installer _pkinit_pkcs12_info setting elements: str required: false type: list external_cert_files: description: File containing the IPA CA certificate and the external CA certificate chain elements: str required: false type: list