On Sat, Nov 15, 2008 at 03:02:49PM -0800, Larry Ludwig wrote: > > make sure ldapsearch works first on the puppetmaster and also look at > your log files to see any errors.
The only error i get when running 'puppetmasterd --debug --no-daemonize' is: warning: Retrying LDAP connection err: LDAP Search failed With (on puppetmasterd): 'ldapsearch -x -D "cn=puppetadmin,ou=ldapaccounts,ou=rest,ou=of,o=it,c=org" -W "(&(objectClass=puppetClient)(cn=clientfqdn))" ou=puppet,ou=rest,ou=of,o=it,c=org' i get the correct response. > Your LDAP authentication depends upon how your LDAP server is setup. For most things i use sasl-gssapi but i think puppet will just do simple bind, right ? TIA, leon > On Nov 14, 7:18 pm, Leon Meßner <[EMAIL PROTECTED]> wrote: > > Hi, > > i'm relatively new to puppet and to this list and have a problem > > configuring puppet for using ldap nodes. I have a very basic testing > > setup on FreeBSD7_0 using puppet-dev port (0.24.5) > > The error i get is: > > > > warning: Retrying LDAP connection > > err: LDAP Search failed > > > > When tcpdumping i can see, that puppetmasterd is trying to do simple > > auth with binddn="<ROOT>" and the ldap.authentication field is simply > > missing (no password sent.) With ldapsearch (authing as my puppet user) > > and the same filters used by puppetmasterd i get the correct response. > > > > What authentication mechanism am i supposed to use and what are the > > resprective puppet.conf parameters ? > > > > puppet.conf on the server: > > > > [puppetmasterd] > > > > ldapserver = myldapserver.fqdn.example.org > > ldapbase = ou=puppet,ou=rest,ou=of,o=it,c=org > > ldapuser = cn=puppetadmin,ou=ldapaccounts,ou=rest,ou=of,o=it,c=org > > ldappassword = puppetpassword > > ldapclassattrs = puppetclass > > > > node_terminus = ldap > > > > puppet.conf on the client: > > > > [puppetd] > > server = puppetmasterd.fqdn.example.org > > > > application_pgp-signature_part > > < 1KViewDownload > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
