Version information
Start using this module
Add this module to your Puppetfile:
mod 'clintwebb-realmd', '1.2.3'
Learn more about managing modules with a PuppetfileDocumentation
realmd
Table of Contents
- Description
- Usage - Configuration options and additional functionality
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
Description
Realmd support for RHEL Originally developed and maintained by Geoff Williams. This module was created to support Redhat 8 or 9 (which the current Geoff Willams one doesn't) Other than adding the RHEL8 (and RHEL9) support, this module remains the same.
Features
- Join a single domain
- Re-join to a different domain if
realm list --name-only
doesn't agree with thedomain
parameter simple_allow_groups
used for access control
Usage
See reference and examples
Limitations
- Not supported by Puppet, Inc.
- Supports joining a single realm only
- Rewrites
/etc/sssd/sssd.conf
(template) simple_allow_groups
used for access control
Development
PRs accepted :)
Testing
This module supports testing using PDQTest.
Test can be executed with:
bundle install
make
See .travis.yml
for a working CI example
Reference
Table of Contents
Classes
realmd
: Support for Relmd+SSSD on RHEL 7.
Classes
realmd
Support for Relmd+SSSD on RHEL 7.
Examples
joining a domain
class { "realmd":
domain => "mydomain",
ad_username => "myuser",
ad_password => "topsecret",
ou => ['linux', 'servers'],
groups => ['admins', 'superadmins']
}
Parameters
The following parameters are available in the realmd
class.
packages
Data type: Array[String]
List of packages to install to enable support (from in-module data)
domain
Data type: String
Domain to join
ad_username
Data type: String
AD Username to use for joining
ad_password
Data type: String
AD password to use for joining
ou
Data type: Array[String]
Array of OUs to use for joining eg foo,bar,baz
(OU= will be added for you)
services
Data type: Array[String]
List of services to enable for SSD/Realmd
groups
Data type: Array[String]
List of groups to add to simple_allow_groups
(will be flattened for you)
Default value: []
keytab_file
Data type: String
Location of keytabs written by realm
command
Default value: "/etc/krb5.keytab"