If this is 2.6.x, then under "auth.conf", you should have something like this:
path /run method save allow <puppet.master> <puppet.master> is your master's fqdn. On Sat, Oct 23, 2010 at 6:57 AM, Luc Suryo <lsu...@gmail.com> wrote: > Hello > > I know this should be easy but read docs, searched and still not able the > master to kick the client > > This in a cloud env where we run our own DNS, so reverse and forward DNS > all work > the client can do 'dig host' or dig '172.27.0.100' and it will resolve to > the puppet server > > puppet is a CNAME of noc01 and is also hard-coded in /etc/hosts file > but when I do a 'puppet kick blueducks.cloud.aws' im getting the following > error > > master : > > Triggering blueducks.cloud.aws > Host blueducks.cloud.aws failed: Error 403 on SERVER: Forbidden request: > noc01.cloud.aws(172.27.0.100) access to /run/blueducks.cloud.aws [save] > authenticated at line 0 > blueducks.cloud.aws finished with exit code 2 > Failed: blueducks.cloud.aws > > > > client: > > Oct 22 18:16:48 blueducks puppet-agent[2512]: Denying access: Forbidden > request: noc01.cloud.aws(172.27.0.100) access to /run/blueducks.cloud.aws > [save] authenticated at line 0 > > > in namespaceauth.conf i have this > > [puppetrunner] > allow puppet.cloud.aws > > the CA certs says the host/master is puppet (ca.pem file) > Subject: CN=puppet > > > What do I do wrong ? Thanks! > > > -- > -ls > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com<puppet-users%2bunsubscr...@googlegroups.com> > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
