Hi, I'm faced with the question if we should be doing user management directly using freeipa (an integrated LDAP, Kerberos, CA, etc) or by manipulating freeipa using Puppet. Installation and configuration of the service is already performed through Puppet so this only concerns the data stored by freeipa (users, groups, sshkeys, sudo permissions, etc).
Pros of puppet: - everything goes through source control - we love puppet Cons: - exposing all functionality is near impossible and thus the chances of the puppet config not being a perfect representation of the freeipa config is rather high I was wondering if fellow admins have faced this question and have any insights I should consider. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/c0ad2090-2eae-4561-9b2d-4f31b6fe9b6e%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
