createcomputer was not optional, even though the init.pp said it was, so our domain_join script was exit 1'ing before it ever joined, so we added domain_join::createcomputers: Computers to hieradata, which worked around that... but
The domain_join script was hanging on subsequent puppet runs because it was trying to join again, because the "query" was failing (no such object)... because it is "CN=Computers,(domain)" not "OU=Computers,(domain)" ...
So I re-wrote the query to just query the "(domain)" but using the "-P" (computer account) which will only work if the computer is joined to the domain, seems better all around, tested and works for us.
Issues that led to this change...
createcomputer was not optional, even though the init.pp said it was, so our domain_join script was exit 1'ing before it ever joined, so we added
domain_join::createcomputers: Computers
to hieradata, which worked around that... butThe domain_join script was hanging on subsequent puppet runs because it was trying to join again, because the "query" was failing (no such object)... because it is "CN=Computers,(domain)" not "OU=Computers,(domain)" ...
So I re-wrote the query to just query the "(domain)" but using the "-P" (computer account) which will only work if the computer is joined to the domain, seems better all around, tested and works for us.
~tommy