> I also manage users using AD (and likewise-open deployed with puppet), and
> I've had a similar issue.
> I couldn't find an elegant way to deploy ssh public keys "only if" the home
> dir exists.
>
> I do NOT want the user homedir to be created by puppet! (It must be created
> by likewise-open if the user logs in.)
> I also don't want errors to occur if the user folder doesn't exist. So I
> need a "conditional" like:
>
> "IF homedir exists => deploy .ssh/authorized_keys , else do nothing"
>
> As far as I know this is not possible with puppet.

Marcello,

I want to understand your use case. AD and LDAP seem to be fairly common in Puppet installations, and I'd like for ssh::auth to work well with them. But I'm not that familiar with them.

Are you saying that once a user is authorized for a host (or the whole domain), the user exists on that host, but his/her home directory doesn't, until they first log in?

When the user logs in, is his/her home directory automounted from a network share? In that case, the place to deploy the ssh keys would be in the user's home directory on the file server. Or, is the home directory created locally on the host the first time the user logs in?

It would seem to me that once a user is authorized for a host, you'd want to create his/her ~/.ssh/authorized_keys right away, so they can log in by ssh.

If you can explain the sequence of how users get created and authorized and when their home directories get created, it would help me to address the need.

Andrew.
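
The "IF homedir exists => deploy .ssh/authorized_keys, else do nothing" condition from the quoted message, written as a shell function that a wrapper (for example a scheduled job) could call per user. This is an added example, not code from the thread or from ssh::auth; the function name `deploy_key_if_home`, its two arguments, and the reliance on GNU `stat -c` are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes GNU coreutils (stat -c).
# Usage: deploy_key_if_home /home/DOMAIN/user /path/to/user.pub
deploy_key_if_home() {
    home=$1 pubkey=$2
    ssh_dir=$home/.ssh
    auth=$ssh_dir/authorized_keys

    # No home directory yet (user has never logged in): do nothing, no error.
    [ -d "$home" ] || return 0

    # Refuse symlinks: a privileged writer must not be redirected
    # to a path outside the user's own home directory.
    if [ -L "$home" ] || [ -L "$ssh_dir" ] || [ -L "$auth" ]; then
        echo "refusing symlink under $home" >&2
        return 1
    fi

    # Remember who owns the home directory before creating anything in it.
    owner=$(stat -c '%u:%g' "$home") || return 1
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1

    key=$(cat "$pubkey") || return 1
    # Idempotent: append only if this exact key line is not already present.
    if ! { [ -f "$auth" ] && grep -qxF -- "$key" "$auth"; }; then
        printf '%s\n' "$key" >> "$auth" || return 1
    fi
    chmod 600 "$auth" || return 1

    # When run as root, hand the files to the home directory's owner so
    # sshd's ownership and mode checks accept them.
    if [ "$(id -u)" -eq 0 ]; then
        chown "$owner" "$ssh_dir" "$auth" || return 1
    fi
    return 0
}
```

The symlink checks and the later write are separate steps, so on a host where users can modify their home directory concurrently the function narrows the window rather than closing it.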
