We're using local passwd/shadow files on all our linux hosts for
authentication and manage them by defining virtual resources like the
following and realizing them in the appropriate classes based on
authorization requirements.
@user {
"username":
comment => "User Name",
uid => "65555",
password => '$9$5/PrhlML$AttWraRXLd0ASwCq.uIss1',
home => "/home/username",
ensure => "present",
gid => "65555",
groups => ["groupname"],
shell => "/bin/sh",
managehome => true,
require => [Group["groupname"]],
membership => minimum;
}
Currently there is no way for me to directly tie puppet to ldap in our
environment (for various non technical reasons) but I would like to keep
the passwords synched with ldap. So I was thinking of writing a script
to query ldap and create perhaps a csv file containing username,password
hash, & shell values.
My questions is can I have my puppet manifests, like the snippet above,
grab the values for password and shell from an external file? ... a file
that I create from ldap every night? I found
"http://nephilim.ml.org/~rip/puppet/extlookup.rb"; but also wanted to ask
the community here if that's the best way to go. Any ideas will be
appreciated.
Regards,
Sukh
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
