#3859 enabled ipa-getkeytab to fetch existing keytab. This is authorized via allowedToPerform;read_keys attribute in the target entry containing a DN of a user/group allowed to fetch the keytab.
Add CLI/UI to set this attribute.
Metadata Update from @mkosek:
- Issue assigned to pvoborni
- Issue set to the milestone: FreeIPA 4.1
to comment on this ticket.