I'm rather new to working with puppet so forgive me it these are solved problems. I've read through some documentation, but was not able to find the full set of information to answer all my questions.
I'm being tasked with finding/configuring/developing an enterprise resource configuration tool. We have several on the table but puppet/chef are the only cross-platform options, so this is why I'm coming here for help. If the problems I am trying to solve are solved, please reply with links and I'll work it out. I'm fine with having to develop some code to make this a reality, I just want to make sure a) I'm not reinventing the wheel, b) I am following best practices. What I am trying to achieve "Resource Orchestration". What I mean is, based on LDAP attributes, a "resource" (machine and user) would be provisioned, configured and presented with a "custom" configured VDI. The VDI portion is a solved issues. Managing the resources within the VDI is what we are trying to achieve. Use case 1: User "Bob", of ou=Developers, authenticates using LDAP to machine resource "Desktop". Desktop has standard facts, as I understand it, that can allow for custom configuration? Do users have Facts? Is it possible to mount shares, in windows also, and present icons to the desktop to Bob? Can, based on the LDAP attribute of Developer, something like Eclipse or Python SDK be installed? The idea is I'm trying to make a single management point to my LDAP and manage my resources from there. I'm not totally married to my LDAP being my primary control point, just the user identities inside an LDAP being the authentication and authorization. If there is another product that sucks in LDAP resources that puppet works with, I'd love to know. Use case 2: User "Bob" authenticates, using a smart card with PKI, to resource "Desktop". Bob's authentication works based on an enterprise attributes from the smart card certificate. Bob, exist on multiple LDAP (e.g. dc=test,dc=com and dc=prod,dc=com) with the same "username" (EDI/PI) from the card. Not all users would exist in multiple domains, but Bob does. Can I further provision the user resource and computer resource based on this additional information? I'm not looking to make puppet my sole solution if it's not the right tool to do the job. Matthew -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
