On Fri, Feb 15, 2013 at 11:25 AM, Lynn Root <lr...@redhat.com> wrote: > Hi all - > > I'm curious if anyone has written Puppet manifests for managing an IPA > domain. If so, I'd like to pester you to take a peek at those manifests. > More curious on the overall automated management process than anything > specific. > > I did find a post [1] on IPA managing the certs that Puppet uses - but > perhaps someone else has gone a bit deeper!
I use puppet to push various things related to IPA. For example, I have a lot of AIX hosts, so I use puppet to push ipa.crt, sshd_config, ssh_config, ldap.cfg, ntpd.conf, netsvc (AIX's nsswitch.conf,) and some other things that I'm not thinking of at the moment. I do some of this for Linux hosts too, just to keep things in sync (resolv.conf, the ssh configs, PAM configs, etc.) Pretty basic stuff, I either push the whole config file or add lines to it. Nothing fancy. Here's a listing of my custom modules directory, it should give some idea of what I'm doing: aix_dot_profile aix_etc_profile aix_hacmp_facts aix_inittab aix_ldap aix_ldap_startup aix_ldap_temp_fix aix_methods_cfg aix_ntp_conf aix_puppet_conf aix_puppet_startup aix_rc_local aix_sendmail aix_snmpdv3_conf apache cloud_provisioner dashboard dnsmasq etc_hosts firewall ipa_cert ipa_resolv_conf krb5_aix motd mysql netsvc nsswitch_sudoers ntp pam_mkhomedir_linux passenger perldbi_link resolv_conf ruby sane_env_aix sendmail ssh_config sshd sshd_config sshd_deny_oracle sudo_ldap vmwaretools _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users