Thanks for the reply.
As far as I can see you're only hosting the nsswitch file, but don't you
also need to host/manage the ldap.conf file and a one or two files in
/etc/pam.d?
The "remotefile" resource type is new to me - is it available in puppet
v.0.24.4?
On 11/19/08, Ryan Dooley <[EMAIL PROTECTED]> wrote:
>
>
> Kenneth Holter wrote:
> > Hi.
> >
> >
> > I need to configure our puppet nodes as LDAP clients, and were wondering
> > if puppet has any build in support for this.
>
> Easy enough (if I understand correctly). We do this here with a
> 'ldap_client' module that looks something like this:
>
> class ldap_client {
> package {
> nss_ldap:
> schedule => daily,
> ensure => latest;
> openldap:
> schedule => daily,
> ensure => latest;
> openldap-clients:
> schedule => daily,
> ensure => latest;
> }
>
> remotefile {
> "/etc/nsswitch.conf":
> source => "ldap_client/etc/nsswitch.conf",
> mode => "644";
> "/etc/ssl/cacerts/gd-class2-root.crt":
> source => "ldap_client/etc/ssl/cacerts/gd-class2-root.crt",
> mode => "644";
> "/etc/ssl/cacerts/gd_cross_intermediate.crt":
> source => "ldap_client/etc/ssl/cacerts/gd_cross_intermediate.crt",
> mode => "644";
> "/etc/ssl/cacerts/gd_intermediate.crt":
> source => "ldap_client/etc/ssl/cacerts/gd_intermediate.crt",
> mode => "644";
> "/etc/ssl/cacerts/sf_issuing.crt":
> source => "ldap_client/etc/ssl/cacerts/sf_issuing.crt",
> mode => "644";
> "/etc/ssl/cacerts/valicert_class2_root.crt":
> source => "ldap_client/etc/ssl/cacerts/valicert_class2_root.crt",
> mode => "644";
> }
>
> file {
> "/etc/ssl/cacerts":
> ensure => directory,
> mode => 755,
> owner => root,
> group => root,
> before => Remotefile["/etc/ssl/cacerts/gd-class2-root.crt"];
> "/etc/ssl/cacerts/219d9499":
> source => "/etc/ssl/cacerts/gd-class2-root.crt",
> require => Remotefile["/etc/ssl/cacerts/gd-class2-root.crt"];
> "/etc/ssl/cacerts/97552d04":
> source => "/etc/ssl/cacerts/gd_intermediate.crt",
> require => Remotefile["/etc/ssl/cacerts/gd_intermediate.crt"];
> "/etc/ssl/cacerts/b737b221":
> source => "/etc/ssl/cacerts/sf_issuing.crt",
> require => Remotefile["/etc/ssl/cacerts/sf_issuing.crt"];
> "/etc/ssl/cacerts/bcdd5959":
> source => "/etc/ssl/cacerts/valicert_class2_root.crt",
> require => Remotefile["/etc/ssl/cacerts/valicert_class2_root.crt"];
>
> }
> }
>
> Cheers,
> Ryan
>
>
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
