Prevent puppet run from iterating over user from winbind

asked 2017-06-26 05:05:58 -0500

dpech gravatar image

updated 2017-06-26 18:26:20 -0500

DarylW gravatar image

Hi,

I am trying to add an existing node with winbind configured to puppet. The puppet run is iterating over every user object provided from winbind. See example debug output below:

Debug: /User[username]: Provider useradd does not support features libuser; not managing attribute forcelocal
Debug: /User[username]: Provider useradd does not support features manages_solaris_rbac; not managing attribute roles
Debug: /User[username]: Provider useradd does not support features manages_solaris_rbac; not managing attribute auths
Debug: /User[username]: Provider useradd does not support features manages_solaris_rbac; not managing attribute profiles
Debug: /User[username]: Provider useradd does not support features manages_solaris_rbac; not managing attribute keys
Debug: /User[username]: Provider useradd does not support features manages_solaris_rbac; not managing attribute project
Debug: /User[username]: Provider useradd does not support features manages_aix_lam; not managing attribute attributes
Debug: /User[username]: Provider useradd does not support features manages_password_salt; not managing attribute salt
Debug: /User[username]: Provider useradd does not support features manages_password_salt; not managing attribute iterations

Is it possible to prevent puppet from iterating over every ldap user and group object?

edit retag flag offensive close merge delete

Comments

Workaround (provided it suits your situation): Configure your directory service not allowing clients to compile a complete list of users. The client computer may only query one specific user.

Kai Burghardt gravatar imageKai Burghardt ( 2017-07-08 09:02:42 -0500 )edit

Unfortunatly, this will not work for us.

dpech gravatar imagedpech ( 2017-07-10 01:03:45 -0500 )edit