On Fri, 05 Nov 2010 15:20:27 -0400 Rob Crittenden <rcrit...@redhat.com> wrote:
> When a host is deleted we revoke its certificate, if any. > > When a host keytab is disabled we disable all the keytabs and revoke > the certificates of its services. > > I've also tried to make it more universal to display certificate > details when viewing a record with a certificate in it. > > rob a. needs rebase (I did a rebase on my own, hopefully the next point was not because of that) b. after some fiddling and testing ipa host-disable seem to return a bogus error of: ipa: ERROR: no modifications to be performed and if tried again: ipa: ERROR: This entry is already disabled Possibly the first error was returned because the service I took a cert for (to test the cert was removed on disabling, which it was) didn;t have a keytab associated. So NACK on this error, but the general approach looks good. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel