Issue #5726 has been updated by James Goddard.
In my use case, I use AD ldap accounts for login and the UID lookup for the built in useradd assigns local users UIDs in the AD range, but doesn't check for uniqueness within LDAP. For some local accounts (ones that should be present on all servers), I assign UIDs manually. However, for instance, I need a local mysql user for a database. I don't care what its UID is, as long as it doesn't collide with an AD user. We have run into issues where a local account gets a UID that corresponds to an AD user/group and this is BAD. The useradd/groupadd grabbing semi-random UIDs in the AD range also breaks the group assignations. What I want to do for this class of local users is pass the -K uidmin and -K uidmax to the useradd/groupadd to lock these IDs in our "system account" range. I don't care what the specific ID is, as these accounts are unique to a given server and are in the non-AD range. ---------------------------------------- Feature #5726: Allow uid range when creating a user https://projects.puppetlabs.com/issues/5726 Author: Tim Stoop Status: Needs More Information Priority: Normal Assignee: Nigel Kersten Category: user Target version: Affected Puppet version: development Keywords: Branch: Hi there, It would be convenient if you could add a uid range when creating a new user. Otherwise, puppet creates a user with 'highest uid in /etc/passwd + 1', which usually is not what we want. For instance, we want our own users in the ranges 8000-8999, our customer's users in 9000-12999, system users in 1-999 and other types of users (for shared accounts and the like) in 1000-7999. Uids sometimes clash, currently. We solve it now by using extlookup and setting a specific uid, but allowing for a range to be used would be convenient for many situations. Something like this would be nice to be able to do: <pre> user { "oracle-cron": uid_min => 1000, uid_max => 7999, } </pre> -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
