Issue #7911 has been updated by Mark Shirley.
We are still having issues with adding local accounts on machines connected to LDAP where the user account exists in the directory. We have upgraded to 3.2.1 on master/agent and added forcelocal => true to our user definitions but we noticed these messages in --debug <code> Debug: /User[mshirley]: Provider useradd does not support features libuser; not managing attribute forcelocal Debug: /Group[mshirley]: Provider groupadd does not support features libuser; not managing attribute forcelocal </code> The run fails while trying to set guid and shells because the user account is not being created. I started looking through some of the other threads and git pulls (<a href=https://github.com/puppetlabs/puppet/pull/1442>1442</a>) and discovered that libuser.conf is needed and should be located in lib/puppet/util. The latest source master branch includes libuser.conf in the correct directory but the latest RPM package on the yum repo does not contain this file. Issue 1, no libuser.conf included in latest <a href=http://yum.puppetlabs.com/el/6/products/x86_64/puppet-3.2.1-1.el6.noarch.rpm>RPM</a> I copied libuser.conf from <a href=https://github.com/puppetlabs/puppet/commits/master/lib/puppet/util/libuser.conf>git - master</a> to lib/puppet/util and now we are no longer seeing the debug messages above. Unfortunately the user accounts are still not being created and the run fails. I ran with --trace and now I'm getting this error. <code> Error: Could not set 'present' on ensure: undefined method `intern' for 10:Fixnum at 15:/etc/puppet/modules/devusers/manifests/mshirley.pp </code> <a href=https://gist.github.com/mshirley/5777197>Full gist</a> Issue 2, even with 3.2.1, forcelocal => true, and libuser.conf in the correct location creation of a local user account fails. OS Linux CentOS 6.3 x86_64<br> Puppet pkg puppet-3.2.1-1.el6 We are using sssd for managing LDAP connectivity. ---------------------------------------- Bug #7911: Can't handle local users in LDAP environment https://projects.puppetlabs.com/issues/7911#change-92939 * Author: Rob Braden * Status: Closed * Priority: Normal * Assignee: * Category: provider * Target version: 3.2.0 * Affected Puppet version: * Keywords: * Branch: https://github.com/puppetlabs/puppet/pull/1442 ---------------------------------------- Our environment (mostly RHEL) uses LDAP for user and group administration. Unfortunately, we have some cases where (broken) software insists on local users and groups. I'm guessing it's checking the files directly instead of using the proper system calls. Puppet won't create the user locally, as it sees the user as already existing. RHEL does have local versions of the user and group management commands (luseradd, lusermod, etc). Would there be any implications to adding a 'local' provider for the user type that adds support for managing local users and groups in an environment where most accounts are managed remotely? -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/groups/opt_out.
