Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-3127

LDAP - introduce LDAP-Certificat Directory

    Details

    • Type: New Feature
    • Status: Accepted
    • Priority: Normal
    • Resolution: Unresolved
    • Affects Version/s: PUP 3.2.4
    • Fix Version/s: PUP 5.y
    • Component/s: None
    • Environment:

      Solaris 11, SPARC, x86

    • Template:
    • Sub-team:
    • Team:
      Platform OS
    • Story Points:
      3
    • Sprint:
      RE 2015-02-25, RE 2015-03-11, RE 2015-03-25
    • UX Priority:
      Normal

      Description

      For Solaris based systems it is necessary to establisch the connection to the ldap server a little bit different then for e.g. Linux based systems.
      Therefore it is necessary to introduce this new config variable 'ldapcrtdir' that allows the use of the server specific ldap certificates.
      On Solaris it points to /var/ldap.

      If ldapssl is set to true and the ldapcrtdir ist configured, the ldap connection must be established different then on Linux:

      LDAP::SSLConn.new(host, port, true, crtdir)

      I have already implemented this feature at our Puppet-Master 3.2.4 environment, so it would be easy to share my implementation

        Attachments

          Issue Links

            Activity

              jsd-sla-details-panel

                People

                • Assignee:
                  Unassigned
                  Reporter:
                  anschust Andreas Schuster
                  QA Contact:
                  Kurt Wall
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  7 Start watching this issue

                  Dates

                  • Created:
                    Updated:

                    Zendesk Support

                      Time Tracking

                      Estimated:
                      Original Estimate - 2 days Original Estimate - 2 days
                      2d
                      Remaining:
                      Remaining Estimate - 1 week
                      1w
                      Logged:
                      Time Spent - Not Specified
                      Not Specified