puppet/ldapquery
1
0
Fork 0
mirror of https://github.com/philippdieter/puppet-ldapquery.git synced 2025-10-13 12:55:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update README to reflect change in behavior.

Browse Source
This commit is contained in:
Zach Leslie 2016-03-13 13:20:16 -07:00
parent fa453d46e2
commit e783071e2e
1 changed files with 32 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
README.md
View File

@ -88,9 +88,9 @@ ini_setting { 'ldaptls':
### In manifest ### In manifest
The `ldapquery` function is simple. Just passing an `rfc4515` search filter Simply passing an `rfc4515` search filter string to `ldapquery()` will return
will return the results of the query in list form. Optionally, a list of the results of the query in list form. Optionally, a list of attributes of
attributes of which to return the values may also be passed. which to return the values may also be passed.
Consider the following manifest. Consider the following manifest.
@ -111,31 +111,48 @@ Assuming there is only one LDAP object with the `uid=zach`, then the variable
```Ruby ```Ruby
[ [
{ {
'uid' => 'zach', 'uid' => ['zach'],
'loginshell' => '/bin/zsh', 'loginshell' => ['/bin/zsh'],
'uidnumber' => '123', 'uidnumber' => ['123'],
'homedirectory' => '/var/users/zach', 'homedirectory' => ['/var/users/zach'],
} }
] ]
``` ```
**Note that the key values are an array.** This should make implementation code simpler, if a bit more verbose, and avoid having to check if the value is an array or a string, because it always is.
Here is a slightly more complicate example that will generate *virtual* Here is a slightly more complicate example that will generate *virtual*
`ssh_authorized_key` resources for every 'posixAccount' that has a non-empty `ssh_authorized_key` resources for every 'posixAccount' that has a non-empty
'sshPublicKey' attribute. 'sshPublicKey' attribute.
```Puppet ```Puppet
$key_results = ldapquery('(&(objectClass=ldapPublicKey)(sshPublicKey=*)(objectClass=posixAccount))', ['uid', 'sshPublicKey']) $attributes = [
'uid',
'sshPublicKey'
]
$key_query = '(&(objectClass=ldapPublicKey)(sshPublicKey=*)(objectClass=posixAccount))'
$key_results = ldapquery($key_query, $attributes)
$key_results.each |$u| { $key_results.each |$u| {
any2array($u['sshpublickey']).each |$k| { any2array($u['sshpublickey']).each |$k| {
$keyparts = split($k, ' ') $keyparts = split($k, ' ')
$comment = $keyparts[2]
@ssh_authorized_key { "${$u['uid']}_${comment}": # Retrieve the comment portion
user => $u['uid'], if $keyparts =~ Array[String, 3] {
type => $keyparts[0], $comment = $keyparts[2]
key => $keyparts[1], } else {
require => User[$u['uid']], $comment = ''
}
$uid = $u['uid'][0]
@ssh_authorized_key { "${uid}_${comment}":
user => $uid,
type => $keyparts[0],
key => $keyparts[1],
tag => 'ldap',
} }
} }
} }
``` ```