Remember that `if User['x]` is not looking to see if the user x exists, but
whether or not you have a resource of type User with the title 'x'. In
other words, it checks to see if you declared `user{ 'x': ... }` somewhere
in your manifests. Puppet ONLY manages those things that you tell it to,
hence why you hit the else branch every time.I will also second the idea that managing home directories with external users is not necessarily the best way to proceed. Your IdM platform may offer a way to do network profiles, or you can use NFS or similar to provide them on machines. Those are likely better approaches to investigate in the long term. Rob Nelson rnels...@gmail.com On Tue, Feb 7, 2017 at 11:17 AM, Dan White <d_e_wh...@icloud.com> wrote: > I am not trying to manage users. > I am trying to INTELLIGENTLY push out things like dot-files, but Puppet > cannot "see" IdM created users. > > "Sometimes I think the surest sign that intelligent life exists elsewhere > in the universe is that none of it has tried to contact us." > > Bill Waterson (Calvin & Hobbes) > > On Feb 7, 2017, at 7:03 AM, bert hajee <bert.ha...@gmail.com> wrote: > > Dan, > > We recently developed a puppet custom type to manage users inside a LDAP > directory. Here > <https://www.enterprisemodules.com/docs/ldap_principal/description.html> you > can find some documentation. It is a commercial module, but free in > development and free in production up to 50 manageable entries. Maybe this > can help you. > > > Regards, > > Bert Hajee > > On Monday, 6 February 2017 15:33:46 UTC+1, LinuxDan wrote: >> >> I am trying to figure out if I can do any user management from Puppet for >> users initially managed by Red Hat's Identity Manager (freeipa / ldap) >> >> Here is a code snippet I tried: >> >> # Class: wtf >> # >> class wtf { >> if defined( User["dewhite"] ) { >> $foo = User["dewhite"]["home"] >> notify { "->${foo}<-": } >> } else { >> notify { "woof": } >> user { 'dewhite': >> ensure => 'present', >> } >> } >> } >> >> The dewhite user is defined - and Puppet can "see" it : >> >> [root ~]# puppet resource user dewhite >> user { 'dewhite': >> ensure => 'present', >> comment => 'Daniel White', >> gid => '684400001', >> home => '/home/dewhite', >> shell => '/bin/bash', >> uid => '684400001', >> } >> >> but I always get the "else" half of the manifest. >> >> My goal is to add things like dot-files and such. >> I want to either be able to detect the existance of an LDAP created user >> or I would like to be able to manage the freeipa/LDAP users from Puppet. >> >> Any ideas ? >> >> >> Dan White | d_e_...@icloud.com >> ------------------------------------------------ >> “Sometimes I think the surest sign that intelligent life exists elsewhere in >> the universe is that none of it has tried to contact us.” (Bill Waterson: >> Calvin & Hobbes) >> >> >> -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/puppet-users/4598a137-b64f-44de-8b2d-017071a5bab6%40googlegroups.com > <https://groups.google.com/d/msgid/puppet-users/4598a137-b64f-44de-8b2d-017071a5bab6%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/puppet-users/65A12138-E4F3-47DD-A069-3FFF34D20BCB%40icloud.com > <https://groups.google.com/d/msgid/puppet-users/65A12138-E4F3-47DD-A069-3FFF34D20BCB%40icloud.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAC76iT8og2SfZZDLUZ95NezjLXy2cJSF%2Bi6TH_%3D6YBGhS2v3qg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
