On to, 26 heinä 2018, Ryan Slominski via FreeIPA-users wrote:
Kerberos has kadmin.local, and I'm looking for a similar way to
execute
admin commands as the local root user. Looks like I could create a
keytab, and use kinit on it, but ipa-getkey doesn't seem to work for
the admin principal. So I could create a new service account instead,
but I can't seem to find a role that grabs everything like the special
admin group does. Any tips?
Anything that is a member of admins group would
suffice.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland