I just added "node default {}" to the site.pp and LDAP ENC has
"magically" started working. This is not mentioned nowhere in Pulling
strings, I can't comment on Pro Puppet since I don't have it, and
based on my reading of the LDAP_Nodes wiki page I took the "default
nodes" section to mean this was only necessary if a node wasn't note
defined, which mine are in LDAP.
It's very frustrating to have wasted hours of time trying to debug a
non-issue when simply stating that you must set "node default {}" in
site.pp order for this to work. I will clarify this note in the wiki
w/the hopes it will save other such frustrations.
--
Later,
Darin
On Fri, Jan 6, 2012 at 11:56 AM, Darin Perusich <da...@darins.net> wrote:
> Hello All,
>
> I'm trying to get LDAP Nodes working but it's failing on my puppet
> master with "err: Could not find default node or by name with
> 'node.example.com, node.example, node,' on node node.example.com", the
> client of course error's with "Could not retrieve catalog from remote
> server:". A review of the ldap server access log shows a successfully
> query, log entries below, so I'm really at a loss as to why things are
> failing. I've pretty much set things up as detail in the LDAP_Nodes
> wiki page and from the Pulling strings book.
>
> I'm running Puppet via mod_passenger and I've set "rails_loglevel =
> debug" but it doesn't provide any messages related to why the ldap
> lookup is failing. I've start tried starting puppetmasterd with
> "--no-daemonize --verbose --debug" but it also tells me nothing to
> point me in the right direction. I've also tried strace'ing
> puppetmasterd but again nothing. Is there anyway I can get some useful
> debugging enabled?
>
> Puppet 2.7.9 (both client and server)
> ruby-ldap 0.9.9
> % ruby -rldap -e 'puts :installed'
> installed
> % ruby -rpuppet -e 'p Puppet.features.ldap?'
> true
>
> ldapsearch -x -LLL -h 1.1.1.2 -b ou=hosts,dc=example,dc=com
> "(&(objectclass=puppetClient)(cn=*))"
> dn: cn=default,ou=hosts,dc=example,dc=com
> cn: default
> puppetClass: common
> objectClass: device
> objectClass: puppetClient
> objectClass: top
>
> dn: cn=node.example.com,ou=hosts,dc=example,dc=com
> parentNode: basenode
> objectClass: device
> objectClass: puppetClient
> objectClass: ipHost
> objectClass: top
> ipHostNumber: 1.1.1.6
> cn: node.example.com
>
> dn: cn=basenode,ou=hosts,dc=example,dc=com
> cn: basenode
> puppetClass: common
> objectClass: device
> objectClass: puppetClient
> objectClass: top
>
> LDAP Access log entry:
> [06/Jan/2012:11:33:12 -0500] CONNECT conn=170 from=1.1.1.6:44213
> to=1.1.1.2:389 protocol=LDAP
> [06/Jan/2012:11:33:12 -0500] BIND REQ conn=170 op=0 msgID=1 type=SIMPLE dn=""
> [06/Jan/2012:11:33:12 -0500] BIND RES conn=170 op=0 msgID=1 result=0
> authDN="" etime=0
> [06/Jan/2012:11:33:12 -0500] SEARCH REQ conn=170 op=1 msgID=2
> base="ou=hosts,dc=example,dc=com" scope=wholeSubtree
> filter="(&(objectclass=puppetClient)(cn=node.example.com))"
> attrs="ALL"
> [06/Jan/2012:11:33:12 -0500] SEARCH RES conn=170 op=1 msgID=2 result=0
> nentries=1 etime=1
> [06/Jan/2012:11:33:12 -0500] SEARCH REQ conn=170 op=2 msgID=3
> base="ou=hosts,dc=example,dc=com" scope=wholeSubtree
> filter="(&(objectclass=puppetClient)(cn=basenode))" attrs="ALL"
> [06/Jan/2012:11:33:12 -0500] SEARCH RES conn=170 op=2 msgID=3 result=0
> nentries=1 etime=0
> [06/Jan/2012:11:33:16 -0500] UNBIND REQ conn=170 op=3 msgID=4
> [06/Jan/2012:11:33:16 -0500] DISCONNECT conn=170 reason="Client Unbind"
>
> Thanks!
> --
> Later,
> Darin
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
