Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
-
-
Windows
-
Windows Hopper
-
Needs Assessment
-
Needs Assessment
Description
Can you please confirm if this is module or puppet agent scope.Is Sensitive data type suported?
I encrypted password by hiera,passwords are shown as plain text in catalog JSON file and in puppet agent output.
I found similar issue:https://tickets.puppetlabs.com/browse/PUP-7057
Basic Info
Module Version:1.7.0
Puppet Version:5.5.2
Puppet server:OS Name/Version:AWS Ops Work EC2 instance 4.14.72-73.55.amzn2.x86_64
Node:Windows Server 2016
Password shown in plain when creating new AD user
{
|
|
{dsc_xADUser {'FirstUser': |
|
dsc_ensure => 'present',}} |
|
{
|
|
{ dsc_domainname => 'ad.contoso.com',}} |
|
{
|
|
{ dsc_username => 'tfl', |
dsc_userprincipalname => 'tfl@ad.contoso.com', |
dsc_password => {}}
|
|
{
|
|
{ 'user' => 'tfl@ad.contoso.com', |
'password' => Sensitive(lookup('password')) |
},
|
|
}
|
|
}
|
|
{
|
|
{ dsc_passwordneverexpires => true,}} |
|
{
|
|
{ dsc_domainadministratorcredential => {}}
|
|
{
|
|
{ 'user' => 'Administrator@ad.contoso.com', |
'password' => Sensitive(lookup('password')) |
},
|
|
}
|
|
}
|
|
}
|
Desired Behavior:
When running puppet agent -t -v password should be hidden/encrypted
Actual Behavior:
Password is shown in plain text
'password' = 'Password'
Attachments
Issue Links
- relates to
-
MODULES-8172 DSC : MSFT_Credential validation fails with a Puppet 6 server and Puppet 5 agent
-
- Resolved
-