From 8335a9723e1f8cf44e670d62a6d245bd16f041fe Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Sat, 8 Jun 2019 17:23:51 +0300
Subject: [PATCH] copy keytab instead of generating it

---
 roles/ldap/server/tasks/main.yml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/roles/ldap/server/tasks/main.yml b/roles/ldap/server/tasks/main.yml
index 5127502..617dfa7 100644
--- a/roles/ldap/server/tasks/main.yml
+++ b/roles/ldap/server/tasks/main.yml
@@ -175,10 +175,10 @@
     state: started
     enabled: true
 
-- name: create slapd keytab
-  import_role:
-    name: kerberos/keytab
-  vars:
-    keytab: /etc/openldap/slapd.keytab
-    principals: ["ldap/{{ inventory_hostname }}@{{ kerberos_realm }}"]
+- name: copy slapd keytab
+  copy:
+    dest: /etc/openldap/slapd.keytab
+    src: "{{ ansible_private }}/files/keytabs/slapd.keytab"
+    mode: 0640
+    owner: root
     group: ldap