Continuing from my previous post, How to set up LDAP authentication in CentOS, I have made Puppet able to push it in my lab. Here is how it looks:

The manifest and the files it references can be downloaded from here.

```puppet
# Configure a CentOS client for LDAP authentication through SSSD.
class sys_ldap {

  package { 'openldap':
    ensure => installed,
  }

  package { 'openldap-clients':
    ensure  => installed,
    require => Package['openldap'],
  }

  package { 'sssd':
    ensure => installed,
  }

  # Module files are served from the modules/ mount point.
  file { '/etc/openldap/ldap.conf':
    ensure  => file,
    source  => 'puppet:///modules/sys_ldap/ldap.conf',
    require => Package['openldap-clients'],
  }

  file { '/etc/openldap/certs/ldap-pub.pem':
    ensure  => file,
    source  => 'puppet:///modules/sys_ldap/ldap-pub.pem',
    require => Package['openldap-clients'],
  }

  # The mode is a quoted octal string; a bare 600 is read as a decimal integer.
  file { '/etc/sssd/sssd.conf':
    ensure  => file,
    source  => 'puppet:///modules/sys_ldap/sssd.conf',
    mode    => '0600',
    require => Package['sssd'],
  }

  # Runs on every agent run, once the three files above are in place.
  exec { '/usr/sbin/authconfig --enablesssd --enablesssdauth --enableldap --enableldapauth --enablemkhomedir --ldapserver=ldaps://ldap.mylab.local --ldapbasedn=dc=mylab,dc=local --enablelocauthorize --enableldaptls --update':
    require => [
      File['/etc/openldap/ldap.conf'],
      File['/etc/openldap/certs/ldap-pub.pem'],
      File['/etc/sssd/sssd.conf'],
    ],
  }

}
```
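A post-deployment check for the files this manifest pushes, as an added example that is not part of the original post. The function name `check_ldap_client` and its optional root-prefix argument are hypothetical; `TLS_REQCERT` and `ldap_tls_reqcert` are the standard OpenLDAP and SSSD option names, but the contents of the post's `ldap.conf` and `sssd.conf` are not shown, so what the check looks for in them is an assumption.

```shell
#!/bin/sh
# Added example: audit the client files that the sys_ldap class deploys.
# The optional ROOT prefix is a hypothetical convenience so the check can
# run against a staging copy; with no argument it inspects the live system.
check_ldap_client() {
    root="${1:-}"
    sssd="$root/etc/sssd/sssd.conf"
    ldap="$root/etc/openldap/ldap.conf"
    cert="$root/etc/openldap/certs/ldap-pub.pem"
    rc=0

    # The manifest pins sssd.conf to mode 600; the file can hold a bind
    # password and must not be readable by other users.
    if [ -z "$(find "$sssd" -prune -perm 600 2>/dev/null)" ]; then
        echo "FAIL: $sssd is missing or not mode 600"; rc=1
    fi

    # The certificate the manifest ships (assumed to be what clients use
    # to validate the LDAP server).
    [ -s "$cert" ] || { echo "FAIL: $cert is missing or empty"; rc=1; }

    for f in "$sssd" "$ldap"; do
        [ -r "$f" ] || { echo "FAIL: $f is missing or unreadable"; rc=1; continue; }
        # The post's setup uses ldaps://. A plain ldap:// URI is only safe
        # if StartTLS is enforced, which this check does not evaluate.
        if grep -Eiq '^[[:space:]]*(uri|ldap_uri)[[:space:]=].*ldap://' "$f"; then
            echo "FAIL: $f contains a cleartext ldap:// URI"; rc=1
        fi
        # "never" and "allow" let the client accept an unverified server
        # certificate, which defeats the point of shipping ldap-pub.pem.
        if grep -Eiq '^[[:space:]]*(tls_reqcert|ldap_tls_reqcert)[[:space:]=]+(never|allow)' "$f"; then
            echo "FAIL: $f relaxes certificate validation"; rc=1
        fi
    done
    return "$rc"
}
```

Run `check_ldap_client` as root on a client after the Puppet run; it prints one `FAIL:` line per finding and returns non-zero if there is any.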