On 15/09/11 23:06, Nigel Kersten wrote: > file { "/path/to/my_keytab": > content => retrieve_keytab_for($certname), > }
Isn't $certname set by the client? Then a client could "impersonate" another? > keytab distribution sucks :( Yes! -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.