Hello, I'm using the camptocamp-openldap module to setup a OpenLDAP cluster, but I'm having one issue with the global conf resource included in the module.
It seems that this resource does not check (or incorrectly) if the entry was already added to the global conf and keeps trying to create. Which of course fails since it is already present. This is the exact error that I'm getting: Error: /Stage[main]/Dap::Ldap/Openldap::Server::Globalconf[serverid]/Openldap_global_conf[serverid]/ensure: change from absent to present failed: LDIF content: dn: cn=config add: olcserverid olcserverid: 1 ldap://server01.dap/ Error message: Execution of '/usr/bin/ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/openldap_global_conf20151102-8922-1h9syex' returned 20: SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 ldap_modify: Type or value exists (20) additional info: modify/add: olcServerID: value #0 already exists modifying entry "cn=config" This is the error to expect when you try to add LDAP attribute that already exists. I've looked at the module's code and there is a check if an entry already exists. That check looks OK to me, In a debug log I can also see that this check is being executed: Debug: Executing '/usr/sbin/slapcat -b cn=config -H ldap:///???(objectClass=olcGlobal)' But it stills tries to add the attribute: Debug: dn: cn=config add: olcserverid olcserverid: 1 ldap://woluhosta01.dap/ I'm not proficient enough in Ruby and creation of your own Puppet resource types to further debug this on my own so any help is appreciated. Kind regards, Tim -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/2bd46166-66ec-400f-a9bf-afdb9bb7c281%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.