[Puppet Users] Re: Configuring LDAP clients with puppet

Wed, 19 Nov 2008 10:47:49 -0800 

Kenneth Holter wrote:
> Hi.
>  
>  
> I need to configure our puppet nodes as LDAP clients, and were wondering 
> if puppet has any build in support for this.

Easy enough (if I understand correctly).  We do this here with a 
'ldap_client' module that looks something like this:

class ldap_client {
   package {
     nss_ldap:
       schedule => daily,
       ensure   => latest;
     openldap:
       schedule => daily,
       ensure   => latest;
     openldap-clients:
       schedule => daily,
       ensure   => latest;
   }

   remotefile {
     "/etc/nsswitch.conf":
       source => "ldap_client/etc/nsswitch.conf",
       mode   => "644";
     "/etc/ssl/cacerts/gd-class2-root.crt":
       source  => "ldap_client/etc/ssl/cacerts/gd-class2-root.crt",
       mode => "644";
     "/etc/ssl/cacerts/gd_cross_intermediate.crt":
       source => "ldap_client/etc/ssl/cacerts/gd_cross_intermediate.crt",
       mode => "644";
     "/etc/ssl/cacerts/gd_intermediate.crt":
       source => "ldap_client/etc/ssl/cacerts/gd_intermediate.crt",
       mode => "644";
     "/etc/ssl/cacerts/sf_issuing.crt":
       source => "ldap_client/etc/ssl/cacerts/sf_issuing.crt",
       mode => "644";
     "/etc/ssl/cacerts/valicert_class2_root.crt":
       source => "ldap_client/etc/ssl/cacerts/valicert_class2_root.crt",
       mode => "644";
   }

   file {
     "/etc/ssl/cacerts":
       ensure => directory,
       mode   => 755,
       owner  => root,
       group  => root,
       before => Remotefile["/etc/ssl/cacerts/gd-class2-root.crt"];
    "/etc/ssl/cacerts/219d9499":
       source => "/etc/ssl/cacerts/gd-class2-root.crt",
       require => Remotefile["/etc/ssl/cacerts/gd-class2-root.crt"];
    "/etc/ssl/cacerts/97552d04":
       source => "/etc/ssl/cacerts/gd_intermediate.crt",
       require => Remotefile["/etc/ssl/cacerts/gd_intermediate.crt"];
    "/etc/ssl/cacerts/b737b221":
       source => "/etc/ssl/cacerts/sf_issuing.crt",
       require => Remotefile["/etc/ssl/cacerts/sf_issuing.crt"];
    "/etc/ssl/cacerts/bcdd5959":
       source => "/etc/ssl/cacerts/valicert_class2_root.crt",
       require => Remotefile["/etc/ssl/cacerts/valicert_class2_root.crt"];

   }
}

Cheers,
Ryan



--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to