Updates to remove unnecessary parameters for my OpenLDAP use case

rmc3 · rmc3 · commit 9deccac9849f · 2013-11-04T15:52:16.000-06:00
diff --git a/manifests/domain.pp b/manifests/domain.pp
@@ -231,15 +231,15 @@
   $entry_cache_timeout = 60,
   $krb5_canonicalize = false,
 ) {
-  validate_array($simple_allow_groups)
+  #validate_array($simple_allow_groups)
   validate_bool($ldap_id_use_start_tls)
   validate_bool($enumerate)
   validate_bool($ldap_force_upper_case_realm)
   validate_bool($ldap_referrals)
   validate_bool($cache_credentials)
   validate_bool($krb5_canonicalize)
   validate_re($ldap_tls_reqcert,['hard','demand','try','allow','never'])
-  validate_re($ldap_default_authtok_type,['password','obfuscated_password'])
+  #validate_re($ldap_default_authtok_type,['password','obfuscated_password'])
   validate_re($ldap_schema,['rfc2307','rfc2307bis','ipa','ad'])
   
   include sssd::params
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -77,7 +77,7 @@
   }
 
   exec { 'authconfig-sssd':
-    command     => '/usr/sbin/authconfig --enablesssd --enablesssdauth --enablelocauthorize --update',
+    command     => '/usr/sbin/authconfig --enableshadow --enablemd5 --enableldap --enableldapauth --enableldaptls --enablelocauthorize --enablemkhomedir --update',
     refreshonly => true,
     subscribe   => Concat['sssd_conf'],
   }
diff --git a/templates/domain.conf.erb b/templates/domain.conf.erb
@@ -1,26 +1,12 @@
 [domain/<%= @ldap_domain %>]
 id_provider = ldap
-auth_provider = krb5
-chpass_provider = krb5
-access_provider = simple
-simple_allow_groups = <%= @simple_allow_groups.flatten.join(',') %>
+auth_provider = ldap
+chpass_provider = ldap
 cache_credentials = <%= @cache_credentials %>
 min_id = <%= @real_min_id %>
 entry_cache_timeout = <%= @entry_cache_timeout %>
-krb5_realm = <%= @krb5_realm %>
-krb5_canonicalize = <%= @krb5_canonicalize %>
 ldap_uri = <%= @ldap_uri %>
 ldap_search_base = <%= @ldap_search_base %>
-ldap_user_search_base = <%= @ldap_user_search_base %>
-ldap_group_search_base = <%= @ldap_group_search_base %>
-ldap_netgroup_search_base = <%= @ldap_netgroup_search_base %>
-ldap_referrals = <%= @ldap_referrals %>
-enumerate = <%= @enumerate %>
-ldap_force_upper_case_realm = <%= @ldap_force_upper_case_realm %>
-ldap_schema = <%= @ldap_schema %>
-ldap_default_bind_dn = <%= @ldap_default_bind_dn %>
-ldap_default_authtok_type = <%= @ldap_default_authtok_type %>
-ldap_default_authtok = <%= @ldap_default_authtok %>
 ldap_id_use_start_tls = <%= @ldap_id_use_start_tls %>
 ldap_tls_reqcert = <%= @ldap_tls_reqcert %>
 <% if @ldap_tls_cacert_path -%>

Original file line number	Diff line number	Diff line change
`@@ -77,7 +77,7 @@`
`77`	`77`	`}`
`78`	`78`
`79`	`79`	`exec { 'authconfig-sssd':`
`80`		`- command => '/usr/sbin/authconfig --enablesssd --enablesssdauth --enablelocauthorize --update',`
	`80`	`+ command => '/usr/sbin/authconfig --enableshadow --enablemd5 --enableldap --enableldapauth --enableldaptls --enablelocauthorize --enablemkhomedir --update',`
`81`	`81`	`refreshonly => true,`
`82`	`82`	`subscribe => Concat['sssd_conf'],`
`83`	`83`	`}`