Overview

This resource allows you to register an LDAP server. Here is an example on how to use this:

ldap_server { 'my_ldap_server':
  address           => '192.168.59.10:215',
  user_dn           => 'cn=admin,dc=example,dc=org',
  password          => 'welcome1',
  use_ssl           => true,
  verify_ssl        => false,
}

The ldap_principal type uses this information to connect to the server.

Attributes

Attribute Name Short Description
address The url to connect to.
base The dc component of all queries done at the LDAP server.
ensure The basic property that the resource should be in.
name The name of the LDAP server.
password The password used to connect to the LDAP server.
port The port number the LDAP server can be connected on.
provider resource.
transform The transformation function that will be applied to specified attributes.
use_ssl Use an SSL connection to the LDAP server.
user_dn The user dn used to connect to the LDAP server and administer its content.
verify_ssl Verify the SSL connection.

address

The url to connect to.

ldap_server {my_ldap_server: … address => ‘192.168.59.10’, … }

Back to overview of ldap_server

base

The dc component of all queries done at the LDAP server.

ldap_server {ldap_server: … base => ‘dc=example,dc=org’, … }

Back to overview of ldap_server

ensure

The basic property that the resource should be in.

Valid values are present, absent. Back to overview of ldap_server

name

The name of the LDAP server. This can be any name you wish to give it and is in no way related to the FQDN.

Back to overview of ldap_server

password

The password used to connect to the LDAP server.

ldap_server {ldap_server: … password => ‘very_secret’, … }

Back to overview of ldap_server

port

The port number the LDAP server can be connected on.

ldap_server {my_ldap_server: … port => 389, … }

Back to overview of ldap_server

provider

The specific backend to use for this ldap_server resource. You will seldom need to specify this — Puppet will usually discover the appropriate provider for your platform.Available providers are:

simple
Manage LDAP server access through yaml file

Back to overview of ldap_server

transform

The transformation function that will be applied to specified attributes.

Here is an example.

 ldap_server { 'docker:cn=gonzo,dc=example,dc=org':
   ...
   replace_behaviour => ['userPassword','givenName'],
   transform => {'userPassword' => 'hashed'},
 }

In this definition, the value specified at the attribute ‘userPassword’, will first be presented to the Puppet function hashed_compare and then compared with the value returned from the ldap server. The specfied function will NOT be applied before sending the value to the LDAP server.

You can use this when the LDAP server requires unhashed passwords on applying, but returns the hashed password. Because Puppet only applies the transform function for comparisson, you can use regular password values in your manifest.

Back to overview of ldap_server

use_ssl

Use an SSL connection to the LDAP server.

Here is an example on how to use this.

ldap_server{my_ldap_server:
  ...
  use_ssl => 'true',
  ...
}

Valid values are true, false. Back to overview of ldap_server

user_dn

The user dn used to connect to the LDAP server and administer its content.

Here is an example on how to use this:

ldap_server {my_ldap_server:
  ...
  user_dn => 'cn=admin,dc=example,dc=org',
  ...
}

Back to overview of ldap_server

verify_ssl

Verify the SSL connection. e.g. Check if it has a valid SSL key.

here is an example on how to use this:

ldap_server{my_ldap_server:
  ...
  verify_ssl => true,
  ...
}

Valid values are true, false. Back to overview of ldap_server