FAQ
Dear Sukh,

I am siva kumar from India , I am new to the puppet and we are planing to
deploy puppet in our env. and i m learning puppet and working in basic
modules. However, i came across
http://itand.me/using-puppet-to-manage-users-passwords-and-ss ... for
user management in puppet. and i follwoed it to deploy and test in my test
servers. But , the above post no fullfilling my require ment. Could you
please share you user management Module with me it very usefull to me..
thanks in advance..

Regards,

Siva Kumar .
On Saturday, January 9, 2010 1:14:22 PM UTC-6, Sukh Khehra wrote:

We're using local passwd/shadow files on all our linux hosts for
authentication and manage them by defining virtual resources like the
following and realizing them in the appropriate classes based on
authorization requirements.

@user {
"username":
comment => "User Name",
uid => "65555",
password => '$9$5/PrhlML$AttWraRXLd0ASwCq.uIss1',
home => "/home/username",
ensure => "present",
gid => "65555",
groups => ["groupname"],
shell => "/bin/sh",
managehome => true,
require => [Group["groupname"]],
membership => minimum;
}

Currently there is no way for me to directly tie puppet to ldap in our
environment (for various non technical reasons) but I would like to keep
the passwords synched with ldap. So I was thinking of writing a script
to query ldap and create perhaps a csv file containing username,password
hash, & shell values.

My questions is can I have my puppet manifests, like the snippet above,
grab the values for password and shell from an external file? ... a file
that I create from ldap every night? I found
"http://nephilim.ml.org/~rip/puppet/extlookup.rb" but also wanted to ask
the community here if that's the best way to go. Any ideas will be
appreciated.

Regards,
Sukh


On Saturday, January 9, 2010 1:14:22 PM UTC-6, Sukh Khehra wrote:

We're using local passwd/shadow files on all our linux hosts for
authentication and manage them by defining virtual resources like the
following and realizing them in the appropriate classes based on
authorization requirements.

@user {
"username":
comment => "User Name",
uid => "65555",
password => '$9$5/PrhlML$AttWraRXLd0ASwCq.uIss1',
home => "/home/username",
ensure => "present",
gid => "65555",
groups => ["groupname"],
shell => "/bin/sh",
managehome => true,
require => [Group["groupname"]],
membership => minimum;
}

Currently there is no way for me to directly tie puppet to ldap in our
environment (for various non technical reasons) but I would like to keep
the passwords synched with ldap. So I was thinking of writing a script
to query ldap and create perhaps a csv file containing username,password
hash, & shell values.

My questions is can I have my puppet manifests, like the snippet above,
grab the values for password and shell from an external file? ... a file
that I create from ldap every night? I found
"http://nephilim.ml.org/~rip/puppet/extlookup.rb" but also wanted to ask
the community here if that's the best way to go. Any ideas will be
appreciated.

Regards,
Sukh
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/1zQCMDCuO9YJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.

Search Discussions

  • Siva kumar at Oct 23, 2012 at 1:32 pm
    Dear Sunner,

    Good Morning !

    I am shiva . Right now i m working with Puppet User Management Module. And
    i saw your post the same kind of module i looking for. Its very usefull if
    you share you user module to me, Thanks

    Thanks & Regards,

    Shiva...
    On Thursday, November 25, 2010 12:54:50 AM UTC-6, Sunner wrote:

    Hi people.
    After some reading, I think I have some sort of coherent thought about how
    to handle users and groups, being a first time Puppet user though I figured
    I'd ask for some criticism before I go ahead.

    I'll use the /modules/user module as per the BP-doc, and store all the
    users and groups in one file/class.
    Then I'll have two(for now at least) classes in separate files, basically
    these will be admins and non-admins, and node classes will then inherit
    these as needed(I expect most nodes will only need the admins and possibly
    some application accounts).
    Somethingl like so(no I'm not trying to write real puppet code, just a
    brief description, so I know this won't work as is ;-) :

    virtual.pp
    class user::virtual
    # Groups first for the sake of order
    @group admin...
    @group notadmin...
    ...

    # Users now
    @user {"user1": gid => "admin" ...}
    @user {"user2": gid => "notadmin" ...}
    ...


    admins.pp
    class user::admins inherits user::virtual
    realize ( Group["admin"], User["user1"] )


    nonadmins.pp
    class user::notadmins inherits user::virtual
    realize ( Group["notadmin", User["user2"] )

    And the base node class will include the user::admin class, and so forth.
    As for application accounts and such, I figured I'd stick these in classes
    of their own in one manifest(say appusers.pp or some such).

    Basically what I'm asking, does this seem sane to more experienced people,
    or am I setting myself up for pain?

    Regards
    Johan
    --
    You received this message because you are subscribed to the Google Groups "Puppet Users" group.
    To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/DM5V98czFJgJ.
    To post to this group, send email to puppet-users@googlegroups.com.
    To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com.
    For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouppuppet-users @
categoriespuppet
postedOct 11, '12 at 6:19p
activeOct 23, '12 at 1:32p
posts2
users1
websitepuppetlabs.com

1 user in discussion

Siva kumar: 2 posts

People

Translate

site design / logo © 2022 Grokbase