hi, i'm maybe misunderstanding your quetiosn but for me there's 2 ways doing thaht:
first with exec exec {"add_user_to_group": command => "usermod -G mysql $user", unless => "getent group mysql | grep $user" } this will add mysql as secondary group for $user or user {"$user": groups => ["primarygroup","mysql"] } this will do the same but for me, the best would be to handle this by your ldap configuration with something like this http://blog.dimaj.net/2010/07/howto-verify-that-a-member-is-part-of-a-secondary-group-in-openldap/ 2011/6/14 Gareth Allen <gal...@openworld.co.za> > Hi all, > > All our users are stored in LDAP, but I need to add users to a system > group for sudo rules. Is there a way to do this without having Puppet > manage the user? For example: > getent passwd gareth.allen > gareth.allen:XXXXXXXXXX:1100:1100:Gareth Allen:/home/gareth.allen:/bin/bash > > /etc/group contents: > mysql:x:27: > > Now, I need Puppet to do the following: > mysql:x:27:gareth.allen > > The only way I can think of doing this is by having Puppet manage > /etc/groups, but I'm a bit nervous of going that route. Does anyone > have any ideas? > > Thanks, > Gareth > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.