Thanks for the info, Rob.
NFS is an option, but I need to see if it will be permitted by the Security 🚨
Folks.
"Sometimes I think the surest sign that intelligent life exists elsewhere in
the universe is that none of it has tried to contact us."
Bill Waterson (Calvin & Hobbes)
> On Feb 7, 2017, at 3:06 PM, Rob Nelson <rnels...@gmail.com> wrote:
>
> Remember that `if User['x]` is not looking to see if the user x exists, but
> whether or not you have a resource of type User with the title 'x'. In other
> words, it checks to see if you declared `user{ 'x': ... }` somewhere in your
> manifests. Puppet ONLY manages those things that you tell it to, hence why
> you hit the else branch every time.
>
>
> I will also second the idea that managing home directories with external
> users is not necessarily the best way to proceed. Your IdM platform may offer
> a way to do network profiles, or you can use NFS or similar to provide them
> on machines. Those are likely better approaches to investigate in the long
> term.
>
>
> Rob Nelson
> rnels...@gmail.com
>
>> On Tue, Feb 7, 2017 at 11:17 AM, Dan White <d_e_wh...@icloud.com> wrote:
>> I am not trying to manage users.
>> I am trying to INTELLIGENTLY push out things like dot-files, but Puppet
>> cannot "see" IdM created users.
>>
>> "Sometimes I think the surest sign that intelligent life exists elsewhere in
>> the universe is that none of it has tried to contact us."
>> Bill Waterson (Calvin & Hobbes)
>>
>>> On Feb 7, 2017, at 7:03 AM, bert hajee <bert.ha...@gmail.com> wrote:
>>>
>>> Dan,
>>>
>>> We recently developed a puppet custom type to manage users inside a LDAP
>>> directory. Here you can find some documentation. It is a commercial module,
>>> but free in development and free in production up to 50 manageable entries.
>>> Maybe this can help you.
>>>
>>>
>>> Regards,
>>>
>>> Bert Hajee
>>>
>>>> On Monday, 6 February 2017 15:33:46 UTC+1, LinuxDan wrote:
>>>> I am trying to figure out if I can do any user management from Puppet for
>>>> users initially managed by Red Hat's Identity Manager (freeipa / ldap)
>>>>
>>>> Here is a code snippet I tried:
>>>>
>>>> # Class: wtf
>>>> #
>>>> class wtf {
>>>> if defined( User["dewhite"] ) {
>>>> $foo = User["dewhite"]["home"]
>>>> notify { "->${foo}<-": }
>>>> } else {
>>>> notify { "woof": }
>>>> user { 'dewhite':
>>>> ensure => 'present',
>>>> }
>>>> }
>>>> }
>>>>
>>>> The dewhite user is defined - and Puppet can "see" it :
>>>>
>>>> [root ~]# puppet resource user dewhite
>>>> user { 'dewhite':
>>>> ensure => 'present',
>>>> comment => 'Daniel White',
>>>> gid => '684400001',
>>>> home => '/home/dewhite',
>>>> shell => '/bin/bash',
>>>> uid => '684400001',
>>>> }
>>>>
>>>> but I always get the "else" half of the manifest.
>>>>
>>>> My goal is to add things like dot-files and such.
>>>> I want to either be able to detect the existance of an LDAP created user
>>>> or I would like to be able to manage the freeipa/LDAP users from Puppet.
>>>>
>>>> Any ideas ?
>>>>
>>>> Dan White | d_e_...@icloud.com
>>>> ------------------------------------------------
>>>> “Sometimes I think the surest sign that intelligent life exists elsewhere
>>>> in the universe is that none of it has tried to contact us.” (Bill
>>>> Waterson: Calvin & Hobbes)
>>>>
>>>
>>> --
>>> You received this message because you are subscribed to the Google Groups
>>> "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an
>>> email to puppet-users+unsubscr...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/puppet-users/4598a137-b64f-44de-8b2d-017071a5bab6%40googlegroups.com.
>>> For more options, visit https://groups.google.com/d/optout.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to puppet-users+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/puppet-users/65A12138-E4F3-47DD-A069-3FFF34D20BCB%40icloud.com.
>> For more options, visit https://groups.google.com/d/optout.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/CAC76iT8og2SfZZDLUZ95NezjLXy2cJSF%2Bi6TH_%3D6YBGhS2v3qg%40mail.gmail.com.
> For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/DDA6A867-951C-48B9-A0B9-8D87D18818CD%40icloud.com.
For more options, visit https://groups.google.com/d/optout.
