Add idm_admin creation to kanidm admin reset script?

khuedoan / homelab

Fully automated homelab from empty disk to running services with a single command.

https://homelab.khuedoan.com

GNU General Public License v3.0

7.9k stars 705 forks source link

Add idm_admin creation to kanidm admin reset script? #130

Closed ClashTheBunny closed 5 months ago

ClashTheBunny commented 5 months ago

https://github.com/khuedoan/homelab/blob/e1c276e403a0196dce52fe9c94d681988afcc96e/scripts/kanidm-reset-admin-password#L5

kanidm login -D admin
kanidm service-account credential generate -D admin idm_admin

khuedoan commented 5 months ago

Thanks for the suggestion, I have updated the script to allow password reset for any account https://github.com/khuedoan/homelab/commit/f3e3fa22ec7c9c126a5473d4cb54618266d8c6bd, e.g.:

./scripts/kanidm-reset-password idm_admin
./scripts/kanidm-reset-password khuedoan

Note: resetting a user account also removes passkeys and TOTP (if any), so for user account kanidm person credential create-reset-token is a better choice.