Version information
This version is compatible with:
- Puppet Enterprise 2023.8.x, 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2021.7.x
- Puppet >= 7.24 < 9.0.0
- , , , ,
Start using this module
Add this module to your Puppetfile:
mod 'ffquintella-realmd', '2.0.4'Learn more about managing modules with a PuppetfileDocumentation
realmd
Table of Contents
- Description
- Usage - Configuration options and additional functionality
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
Description
Realmd support for RHEL Originally developed and maintained by Geoff Williams. This module was created to support Redhat 8 or 9 (which the current Geoff Willams one doesn't) Other than adding the RHEL8 (and RHEL9) support, this module remains the same.
Features
- Join a single domain
- Re-join to a different domain if
realm list --name-onlydoesn't agree with thedomainparameter simple_allow_groupsused for access control
Usage
See reference and examples
Limitations
- Not supported by Puppet, Inc.
- Supports joining a single realm only
- Rewrites
/etc/sssd/sssd.conf(template) simple_allow_groupsused for access control
Development
PRs accepted :)
Testing
This module supports testing using PDQTest.
Test can be executed with:
bundle install
make
See .travis.yml for a working CI example
Reference
Table of Contents
Classes
realmd: Support for Relmd+SSSD on RHEL 7.
Classes
realmd
Support for Relmd+SSSD on RHEL 7.
Examples
joining a domain
class { "realmd":
domain => "mydomain",
ad_username => "myuser",
ad_password => "topsecret",
ou => ['linux', 'servers'],
groups => ['admins', 'superadmins']
}
Parameters
The following parameters are available in the realmd class.
packages
Data type: Array[String]
List of packages to install to enable support (from in-module data)
domain
Data type: String
Domain to join
ad_username
Data type: String
AD Username to use for joining
ad_password
Data type: String
AD password to use for joining
ou
Data type: Array[String]
Array of OUs to use for joining eg foo,bar,baz (OU= will be added for you)
services
Data type: Array[String]
List of services to enable for SSD/Realmd
groups
Data type: Array[String]
List of groups to add to simple_allow_groups (will be flattened for you)
Default value: []
keytab_file
Data type: String
Location of keytabs written by realm command
Default value: "/etc/krb5.keytab"
MIT License Copyright (c) 2024 Felipe Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.