Hi,
I'm trying to create an automation for sssd (without manual interference).
For that, I have created a puppet module which installs the necessary packages for sssd,
configures the necessary configuration files,
and runs a script that adds the server to our Active Directory.
My module executes a bash script that runs the following commands:
Code:
# <call my API that adds a Computer Account for the server in the Active Directory>
echo "Password" | kinit User
sleep 30 # Let the new computer account be replicated to all DCs
/usr/bin/net ads join -k
sleep 3 # Let it sync
# Get a ticket for the machine principal (last keytab entry, realm stripped)
/usr/bin/kinit -k "$(/usr/bin/klist -k | tail -n1 | awk '{print $NF}' | cut -d"@" -f1)"
sleep 3 # Just for safety
/usr/bin/authconfig --enablesssdauth --enablesssd --enablemkhomedir --update
If I run the script manually, it works great.
But if the script runs from within the puppet module, the 'net ads join -k' command fails with error 255 (no documentation for that).
The 'echo "Password" | kinit User' is not best practice either, but I have not found a better automatic solution, and it seems to work fine because the exit code is 0.
My questions are:
1. What could be wrong?
2. Is there a better solution for what I am trying to achieve?
(Reminder: I do not want to run the script manually on my servers.)
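An added example, not part of the original post: the join portion of a script like the one above, written so that it sets its own credential cache instead of relying on a login shell's environment, takes the ticket from a keytab instead of a piped password, retries the join rather than sleeping a fixed time, and logs each step's output and exit code. The keytab path, join principal, cache path, log path and retry settings are assumptions, as is the existence of a provisioned keytab for the join account.

```shell
#!/bin/bash
# Added example, not the poster's script. Assumed (hypothetical) values: the
# keytab path, join principal, ccache path, log path and retry settings.
KEYTAB="${KEYTAB:-/etc/krb5.join.keytab}"      # hypothetical; root-only, mode 0600
JOIN_PRINCIPAL="${JOIN_PRINCIPAL:-svc-join}"   # hypothetical join account
CCACHE="${CCACHE:-/run/adjoin.ccache}"
LOG="${LOG:-/var/log/adjoin.log}"
JOIN_TRIES="${JOIN_TRIES:-6}"
JOIN_DELAY="${JOIN_DELAY:-10}"
KINIT="${KINIT:-/usr/bin/kinit}"
NET="${NET:-/usr/bin/net}"

# Run one step, append its output to $LOG, record a non-zero exit code there.
run_step() {
    step_name="$1"; shift
    step_rc=0
    "$@" >>"$LOG" 2>&1 || step_rc=$?
    [ "$step_rc" -eq 0 ] || echo "step '$step_name' failed with exit code $step_rc" >>"$LOG"
    return "$step_rc"
}

# Retry a command up to $1 times, $2 seconds apart; return its last exit code.
retry() {
    tries="$1"; delay="$2"; shift 2
    attempt=1; retry_rc=1
    while [ "$attempt" -le "$tries" ]; do
        retry_rc=0
        "$@" || retry_rc=$?
        [ "$retry_rc" -eq 0 ] && return 0
        [ "$attempt" -lt "$tries" ] && sleep "$delay"
        attempt=$((attempt + 1))
    done
    return "$retry_rc"
}

join_domain() {
    # Explicit credential cache: nothing is inherited from a login shell.
    export KRB5CCNAME="FILE:$CCACHE"
    # Keytab instead of a password on stdin.
    run_step kinit "$KINIT" -k -t "$KEYTAB" "$JOIN_PRINCIPAL" || return 1
    # Retry while the new computer account replicates to the DCs.
    run_step join retry "$JOIN_TRIES" "$JOIN_DELAY" "$NET" ads join -k || return 2
    # Confirm the machine account works before enabling sssd.
    run_step testjoin "$NET" ads testjoin || return 3
}

# Run only when executed with --run, so the file can also be sourced.
if [ "${1:-}" = "--run" ]; then join_domain; exit $?; fi
```

The distinct return codes (1, 2, 3) let the caller tell which stage failed, and the log keeps the command output that a bare exit code hides.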