In order to unify the replica install workflow across domain levels, the domain level 0 installer has to perform a lightweight version of 'client install' consisting of:
We can leverage the existing available workflow by creating host entry first and then either use OTP to enroll the would-be replica, or request a keytab using ipa-getkeytab and use it to perform enrollment. Other means are open to discussion.
Part of installer refactoring effort
master:
Metadata Update from @mbabinsk: - Issue assigned to mbabinsk - Issue set to the milestone: FreeIPA 4.5
Log in to comment on this ticket.