I am trying to come up with a workable solution in managing numerous Mac workstations allowing a high degree of flexibility with regards to certs.
My puppet environment is setup to application installation on machines that have been 'imaged' with a base OS and the puppet and facter apps. So, when a Mac is 'imaged' and subsequently re-booted, puppet is run at startup, a cert is created and autosigned (I know that is not recommended...but...) and queries are performed on our LDAP database and apps are installed based upon the Mac's membership in various groups. My issue is with machines that need to be re-imaged. I am not real well versed on how certs and CA's function, but the newly imaged device fails to get a new cert from the CA(puppetmaster) and the CA complains that it has a cert for the device that does not match the request. So, would it be best to use a single cert for all of the clients or is there a better way to deal with this sort of setup? Thanks for any replies, Kurt Engle --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
