edgester / puppet-module-kerberos Goto Github PK
View Code? Open in Web Editor NEWA puppet module for managing kerberos clients and servers.
License: BSD 2-Clause "Simplified" License
A puppet module for managing kerberos clients and servers.
License: BSD 2-Clause "Simplified" License
Hi,
I've updated the test a little bit and added an acceptance test. Had some issues with testing the Master installation in Travis CI, so only the client is currently tested. However it should be easy to extend the tests in the future.
https://github.com/martialblog/puppet-module-kerberos/tree/refactor_tests
This is based on my previous Pull Request, so it's best to wait until it's merged and then I'm gonna rebase.
Feedback is welcome.
Cheers
New to Hiera and to Kerberos. So far all of the modules that I've used have used the standard classes rather than Hiera. Is it possible to use classes to add users? If not, what's the easiest way to do it?
Thanks!
I'm working on implementing a kerberos slave node and I'm getting the following error on a puppet convergence run.
Info: Caching catalog for kerberos-test-slave-internal.[DOMAIN]
Error: Failed to apply catalog: Could not find dependency Kerberos::Ktadd[/etc/krb5.keytab@host/kerberos-test-slave.[DOMAIN]] for Service[kpropd] at /etc/puppet/modules/kerberos/manifests/server/kpropd.pp:76
Could I be missing something in the kerberos slave yaml settings?
--David C
Hi!
How about to make new release?
There is a bunch of fixes from 2015.
It's a good practice to tag repos with the versions that are being released to the forge.
This is because most (I think) r10k or code manager users source from git urls as it's a little faster than sourcing from the forge.
Not doing it limits the uptake and usage of the module a bit.
Would you be able to put this in your process and tag the 0.3.1 release?
I haven't used this module but with a cursory look at the code I think I will prefer this one over others. :)
Hi,
I've encountered an error while using the Module and this might be due to this:
class kerberos::server::kprop (
$kprop_cron_path = $kerberos::kprop_cron_path,
$kprop_cron_hour = $kprop_cron_hour,
Fix provided here:
https://github.com/martialblog/puppet-module-kerberos/commit/5beb1486c5fe5d37ad7e9afcee195be5066c3e3c
Cheers,
Markus
@edgester, would you be amenable to a PR that adds the ability to specify appdefaults as a hash? This would be a pretty low-level implementation but similar to how extra realms are currently implemented.
I'm currently having to visit krb5.conf to add an include for appdefaults. I'd prefer to have the module just handle the configuration and keep my own hacks out of it.
Thoughts?
I'm not sure if I have this module figured out, but it seems like the docs in the readme should work for me. However they don't.
include 'kerberos::client'
and hiera:
kerberos::realm: 'SJRB.AD'
kerberos::kdc_principals:
svcopsJD:
password: redacted
kerberos::kdc_trusted_realms:
realms:
- SJRB.AD
password: redacted
Ultimately after this module I want to join a linux box to a domain.. using net ads join
.
And I'm trying to get a kerberos ticket with this one.
ktinit user
works with the supplied username and password.
kerberos::ticket_cache is the only class that runs a kinit, but not sure what the recommended way of calling that defined type is.. directly?
I won't have a keytab file, so I must use the password.
Hi Jason,
I'm now at a point where I'd like to package the module for Debian. A release would be very helpful for that, possiby even to PuppetForge?
Thanks!
Michael
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.