Hide Forgot
Description of problem: Currently there are generated scripts to configure IPA server and clients for Smard Card authentication. But there are no roles for ansible-freeipa to do this. The goals of this RFE is * Convert current shell scripts to ansible content that is more OS version tolerant: Create two roles, one for server and one for client * Users are in AD with certs stored in IdM (ID views and mapping)
This is the upstream PR for the smartcard roles for server and client: https://github.com/freeipa/ansible-freeipa/pull/838
Verified ansible-freeipa-1.8.1-1.el8.noarch PASSED ansible_freeipa_tests/smartcard/test_smartcard.py::TestSmartCardPreTests::test_smartcard_setup_smartcard_server_role_on_non_deployed_ipa_server PASSED ansible_freeipa_tests/smartcard/test_smartcard.py::TestSmartCardPreTests::test_smartcard_setup_smartcard_server_role_on_non_deployed_ipa_replica PASSED ansible_freeipa_tests/smartcard/test_smartcard.py::TestSmartCardPreTests::test_smartcard_setup_smartcard_client_role_on_non_deployed_ipa_client PASSED ansible_freeipa_tests/smartcard/test_smartcard.py::TestSmartCardPreTests::test_smartcard_prerequisite PASSED ansible_freeipa_tests/smartcard/test_smartcard.py::TestsSmartCard::test_smartcard_setup_smartcard_server_role_with_correct_adminpwd_and_cacert PASSED ansible_freeipa_tests/smartcard/test_smartcard.py::TestsSmartCard::test_smartcard_setup_smartcard_server_role_with_wrong_adminpwd PASSED ansible_freeipa_tests/smartcard/test_smartcard.py::TestsSmartCard::test_smartcard_setup_smartcard_server_role_with_invalid_cacrt PASSED ansible_freeipa_tests/smartcard/test_smartcard.py::TestsSmartCard::test_smartcard_setup_with_emulated_smartcard_on_master PASSED ansible_freeipa_tests/smartcard/test_smartcard.py::TestsSmartCard::test_smartcard_setup_smartcard_server_role_with_correct_adminpwd_and_cacert_on_replica PASSED ansible_freeipa_tests/smartcard/test_smartcard.py::TestsSmartCard::test_smartcard_setup_with_emulated_smartcard_on_replica PASSED ansible_freeipa_tests/smartcard/test_smartcard.py::TestsSmartCard::test_smartcard_setup_smartcard_server_role_with_correct_adminpwd_and_cacert_on_server_and_replica PASSED ansible_freeipa_tests/smartcard/test_smartcard.py::TestsSmartCard::test_smartcard_setup_smartcard_client_role_with_correct_adminpwd_and_cacert PASSED ansible_freeipa_tests/smartcard/test_smartcard.py::TestsSmartCard::test_smartcard_setup_with_emulated_smartcard_on_client PASSED ansible_freeipa_tests/smartcard/test_smartcard.py::TestsSmartCard::test_smartcard_setup_smartcard_server_role_and_client_role PASSED ansible_freeipa_tests/smartcard/test_smartcard.py::TestsSmartCard::test_smartcard_setup_smartcard_server_role_on_server_replica_and_client_role ================ 16 passed, 2854 warnings in 1541.29s (0:25:41) ================ Based on the test result, marking the bug Verified
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (ansible-freeipa bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2022:7556