[Freeipa-users] ipa and puppet
Hi, we are testing freeipa and we are wonder if anyone knows how to edit ldap tree (or what to do) to be able to store puppet nodes in ipa's ldap. I found this RFE on redhat bugzilla, but I do not understand it so much. https://bugzilla.redhat.com/show_bug.cgi?id=805368 Thank you for any hint. Jakub Bittner ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] ipa and puppet
Jakub Bittner wrote: Hi, we are testing freeipa and we are wonder if anyone knows how to edit ldap tree (or what to do) to be able to store puppet nodes in ipa's ldap. I found this RFE on redhat bugzilla, but I do not understand it so much. https://bugzilla.redhat.com/show_bug.cgi?id=805368 Thank you for any hint. I guess it depends on what sort of integration you're looking to do. If the data is independent, sure you can store it in the IPA ldap server, we just recommend storing it in a separate container, separate from the IPA data. If you want to augment existing entries then that is possible, just a bit more complicated. rob ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
[Freeipa-users] IPA w/ Puppet?
Hi all - I'm curious if anyone has written Puppet manifests for managing an IPA domain. If so, I'd like to pester you to take a peek at those manifests. More curious on the overall automated management process than anything specific. I did find a post [1] on IPA managing the certs that Puppet uses - but perhaps someone else has gone a bit deeper! Thanks! Lynn Root [1] http://jcape.name/2012/01/16/using-the-freeipa-pki-with-puppet/ -- Lynn Root @roguelynn Associate Software Engineer Red Hat, Inc ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] IPA w/ Puppet?
On Fri, Feb 15, 2013 at 11:25 AM, Lynn Root lr...@redhat.com wrote: Hi all - I'm curious if anyone has written Puppet manifests for managing an IPA domain. If so, I'd like to pester you to take a peek at those manifests. More curious on the overall automated management process than anything specific. I did find a post [1] on IPA managing the certs that Puppet uses - but perhaps someone else has gone a bit deeper! I use puppet to push various things related to IPA. For example, I have a lot of AIX hosts, so I use puppet to push ipa.crt, sshd_config, ssh_config, ldap.cfg, ntpd.conf, netsvc (AIX's nsswitch.conf,) and some other things that I'm not thinking of at the moment. I do some of this for Linux hosts too, just to keep things in sync (resolv.conf, the ssh configs, PAM configs, etc.) Pretty basic stuff, I either push the whole config file or add lines to it. Nothing fancy. Here's a listing of my custom modules directory, it should give some idea of what I'm doing: aix_dot_profile aix_etc_profile aix_hacmp_facts aix_inittab aix_ldap aix_ldap_startup aix_ldap_temp_fix aix_methods_cfg aix_ntp_conf aix_puppet_conf aix_puppet_startup aix_rc_local aix_sendmail aix_snmpdv3_conf apache cloud_provisioner dashboard dnsmasq etc_hosts firewall ipa_cert ipa_resolv_conf krb5_aix motd mysql netsvc nsswitch_sudoers ntp pam_mkhomedir_linux passenger perldbi_link resolv_conf ruby sane_env_aix sendmail ssh_config sshd sshd_config sshd_deny_oracle sudo_ldap vmwaretools ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users