[Puppet Users] Managing users with ldap provider

Wed, 17 Jun 2015 04:44:35 -0700 

Hello,
I would like one of my puppet agent creating some users in a ldap directory instead of traditional /etc/passwd. 


	According to documentation for the user type, there is a ldap provider, 
which requires ldapbase, ldapuser and ldappasswd options in puppet.conf. 
So I have configured these options in my puppet.conf:


[main]
    logdir = /var/log/puppet
    rundir = /var/run/puppet
    ssldir = $vardir/ssl
    ...
    ldapbase = <base of my users in ldap>
    ldappassword = <password to use>
    ldapserver = <fqdn of my ldap server>
    ldapuser = <user to connect to ldap>

        after this, I have created a simple manifiest to create an test user:

# ldap_user.pp
user { 'amateo_adm2':
        ensure => 'present',
        uid    => 4002,
        gid => 'telematadm',
        comment => 'Angel L. Mateo',
        shell => '/bin/bash',
        password => <password>,
        provider => 'ldap',
}

        Then I try to create the user with "sudo puppet apply ldap_user.pp"

        When I run this, I get the error:

amateo_adm@canis30:~$ sudo puppet apply ldap_user.pp

Notice: Compiled catalog for canis30.um.es in environment production in 
0.15 seconds
Error: Could not set 'present' on ensure: No such object at 
9:/home/amateo_adm/ldap_user.pp
Error: Could not set 'present' on ensure: No such object at 
9:/home/amateo_adm/ldap_user.pp

Wrapped exception:
No such object

Error: /Stage[main]/Main/User[amateo_adm2]/ensure: change from absent to 
present failed: Could not set 'present' on ensure: No such object at 
9:/home/amateo_adm/ldap_user.pp

Notice: Finished catalog run in 0.73 seconds

        In the ldap server I could searches for that user (and it groups) like:


Jun 17 13:28:02 canis30 slapd[10776]: conn=1012 op=0 BIND dn="<user 
configured in puppet.conf>" method=128
Jun 17 13:28:02 canis30 slapd[10776]: conn=1012 op=0 BIND dn="<user 
configured in puppet.conf>" mech=SIMPLE ssf=0
Jun 17 13:28:02 canis30 slapd[10776]: conn=1012 op=0 RESULT tag=97 err=0 
text=
Jun 17 13:28:02 canis30 slapd[10776]: conn=1012 op=1 SRCH 
base="uid=amateo_adm2,<base for users>" scope=0 deref=0 
filter="(objectClass=*)"
Jun 17 13:28:02 canis30 slapd[10776]: conn=1012 op=1 SEARCH RESULT 
tag=101 err=32 nentries=0 text=

Jun 17 13:28:02 canis30 slapd[10776]: conn=1012 op=2 UNBIND

        but I can't see any addition/modification for the user.

        Am I missing something? What I am doing wrong?

--
Angel L. Mateo Martínez
Sección de Telemática
Área de Tecnologías de la Información
y las Comunicaciones Aplicadas (ATICA)
http://www.um.es/atica
Tfo: 868887590
Fax: 868888337

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/55815D69.2060308%40um.es.
For more options, visit https://groups.google.com/d/optout.














    











					Reply via email to