On Aug 31, 8:09 pm, treydock <treyd...@gmail.com> wrote: > I have a file resource defined to be owned by a group that is > accessible via samba/winbind (AD based group), but every time Puppet > runs automatically (every 30 min) the run fails with this error , > (sensitive information removed) > > (/Stage[main]//Node[node1.tld]/Apache::Vhost[vhost1]/File[/var/www/ > vhost1/html]) Could not evaluate: Could not find group org-www at /etc/ > puppet/modules/apache/manifests/definitions/vhost.pp:52 > > When I manually run "puppetd --test --debug -v" there is no failure. > Also the group is visible on the system and all works just fine. It > only fails during the automatic Puppet runs. I also have another > host, with an almost identical setup , assigning AD based groups to > file resources, and it doesn't have this problem. Using Puppet 2.6.9, > on CentOS 6.
It looks like the Puppet agent is unable to connect to the domain to retrieve group information. In all likelihood this is an issue with the environment in which the agent runs or the user (root) as whom it runs, perhaps in conjunction with winbind configuration specifics. You could try to duplicate it from the command line by doing something like 'env -i PATH="/bin:/sbin:/usr/bin:/usr/sbin" puppetd --test -- debug -v' to ensure that it runs with a minimal environment. Not being familiar with the details of using samba/winbind as a user and group resolution service, I'm not sure what specifically to recommend you check in that area. Duplicating the problem from the command line should give you a leg up, though. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
