Merge pull request #9 from alavaliant/master

Add support for specifying --service-name when doing an AD join

README.md

@@ -41,6 +41,7 @@ class {'::adcli':
   ad_join_password          => 'secret',
   ad_join_ou                => 'ou=container,dc=example,dc=com',
   ad_join_domain_controller => 'dc01.example.com',
+  ad_join_service_names     => ['spn1', 'spn2']
   ad_join_computer_name     => 'TEST-CENTOS-76',
   ad_join_os                => 'CentOS',
   ad_join_os_version        => '7',
@@ -56,6 +57,9 @@ adcli::ad_join_username: 'username'
 adcli::ad_join_password: 'secret'
 adcli::ad_join_ou: 'ou=container,dc=example,dc=com'
 adcli::ad_join_domain_controller: 'dc01.example.com'
+adcli::ad_join_service_names:
+  - spn1
+  - spn2
 adcli::ad_join_computer_name: 'TEST-CENTOS-76'
 adcli::ad_join_os: 'CentOS'
 adcli::ad_join_os_version: '7'
@@ -90,6 +94,11 @@ Default: undef
 Type: string
 Default: undef
 
+`$ad_join_service_names`
+(optional) Specify additional kerberos service principals to be created on the account.
+Type: array
+Default: []
+
 `$ad_join_computer_name`
 (optional) Specify a custom computer name to use during the join operation.  This equates to the
 sAMAccountName property in Active Directory.

manifests/init.pp

@@ -47,6 +47,7 @@
   $ad_join_password          = $adcli::params::ad_join_password,
   $ad_join_ou                = $adcli::params::ad_join_ou,
   $ad_join_domain_controller = $adcli::params::ad_join_domain_controller,
+  $ad_join_service_names     = $adcli::params::ad_join_service_names,
   $ad_join_computer_name     = $adcli::params::ad_join_computer_name,
   $ad_join_os                = $adcli::params::ad_join_os,
   $ad_join_os_version        = $adcli::params::ad_join_os_version,

manifests/join.pp

@@ -10,6 +10,7 @@
   $ad_join_password          = $adcli::ad_join_password,
   $ad_join_ou                = $adcli::ad_join_ou,
   $ad_join_domain_controller = $adcli::ad_join_domain_controller,
+  $ad_join_service_names     = $adcli::ad_join_service_names,
   $ad_join_computer_name     = $adcli::ad_join_computer_name,
   $ad_join_os                = $adcli::ad_join_os,
   $ad_join_os_version        = $adcli::ad_join_os_version,
@@ -34,6 +35,11 @@
     } else {
       $ad_join_domain_controller_command = ''
     }
+    if $ad_join_service_names != [] {
+        $ad_join_service_names_command = join([" --service-name='", join($ad_join_service_names, "' --service-name='"), "'"], '')
+    } else {
+      $ad_join_service_names_command = ''
+    }
     if $ad_join_computer_name != undef {
       $ad_join_computer_name_command = " --computer-name='${ad_join_computer_name}'"
     } else {
@@ -57,7 +63,8 @@
     exec {'adcli_join':
       command   => "/bin/echo -n \'${ad_join_password}\' | /usr/sbin/adcli join ${ad_join_domain_controller_command} \
 ${ad_join_computer_name_command} --login-user=\'${ad_join_username}\' --domain=\'${ad_domain}\' --domain-ou=\'${ad_join_ou}\' \
---stdin-password --verbose ${ad_join_os_command} ${ad_join_os_version_command} ${ad_join_os_service_pack_command}",
+--stdin-password --verbose ${ad_join_os_command} ${ad_join_os_version_command} ${ad_join_os_service_pack_command} \
+${ad_join_service_names_command}",
       logoutput => true,
       creates   => '/etc/krb5.keytab',
     }

manifests/params.pp

@@ -15,6 +15,7 @@
   $ad_join_password          = undef
   $ad_join_ou                = undef
   $ad_join_domain_controller = undef
+  $ad_join_service_names     = []
   $ad_join_computer_name     = undef
   $ad_join_os                = undef
   $ad_join_os_version        = undef