On Oct 17, 2008, at 11:59 AM, Nigel Kersten wrote:
> [...]
> ok. So in that case, I might poll the puppet-users list to see who is
> currently using clear text passwords with directoryservice, as netinfo
> really should be completely deprecated given that directoryservice can
> handle all OS X netinfo stores.
That sounds good.
>
> I'd be perfectly happy for directoryservice to no longer use clear
> text passwords at all myself. We could go and make a "{macshadow}"
> prefix for OS X passwords I guess, but that seems a bit clunky.
>
> I notice that a few people are using server-side generate functions
> for hash generation, which is another option.
Yeah -- it's also a good way to get your passwords from an external
data store without ever storing them in your manifest.
>
> Perhaps that's the better approach to take, in that we provide some
> generate functions on the puppet wiki (or in the distro) for the
> various password hash types.
Seems like a good idea -- having md5 and crypt functions would be a
good start.
--
Once...in the wilds of Afghanistan, I lost my corkscrew, and we were
forced to live on nothing but food and water for days. -- W. C. Fields
---------------------------------------------------------------------
Luke Kanies | http://reductivelabs.com | http://madstop.com
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/puppet-dev?hl=en
-~----------~----~----~----~------~----~------~--~---
