tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ldap: Converted Ubuntu to use nslcd on ldap::auth.

Browse source
This commit is contained in:
Timo Makinen 2014-01-21 11:19:40 +02:00
parent 3c7a5624f6
commit d0a5bca536
1 changed files with 19 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

35
ldap/manifests/init.pp
View file

@ -97,30 +97,33 @@ class ldap::auth inherits ldap::client {
} }
} }
"Ubuntu": { "Ubuntu": {
package { "ldap-auth-client": package { [ "libpam-ldapd", "libnss-ldapd", "auth-client-config", ]:
ensure => installed, ensure => installed,
} }
exec { "auth-client-config -t nss -p lac_ldap": exec { "auth-client-config -t nss -p ldap_example":
path => "/bin:/usr/bin:/sbin:/usr/sbin", path => "/bin:/usr/bin:/sbin:/usr/sbin",
unless => "auth-client-config -t nss -p lac_ldap -s", unless => "auth-client-config -t nss -p ldap_example -s",
require => Package["ldap-auth-client"], require => Package["auth-client-config"],
before => Augeas["pam-ldap-conf"], before => Augeas["nslcd-conf"],
notify => Exec["nssldap-update-ignoreusers"],
} }
exec { "nssldap-update-ignoreusers": augeas { "nslcd-conf":
path => "/bin:/usr/bin:/sbin:/usr/sbin",
refreshonly => true,
}
augeas { "pam-ldap-conf":
context => "/files/etc/ldap.conf",
changes => [ changes => [
"set uri '${ldap_uri}'", "set uri '${ldap_uri}'",
"set base ${ldap_basedn}", "set base ${ldap_basedn}",
"set nss_paged_results yes", "set pagesize 500",
"set pam_password exop",
"rm rootbinddn",
"set ssl ${ssl}", "set ssl ${ssl}",
"set tls_reqcert never",
"set map 'group member uniqueMember'",
], ],
incl => "/etc/nslcd.conf",
lens => "Spacevars.simple_lns",
notify => Service["nslcd"],
before => File["/etc/openldap/ldap.conf"],
}
service { "nslcd":
ensure => running,
enable => true,
before => Class["nscd"],
} }
} }
"OpenBSD": { "OpenBSD": {