Closed zeekus closed 3 years ago
This didn't work for me, adding an extra line to the conditional in init.pp checking for RHEL8/Fedora28 that grabbed CentOS8 did though. It's possible things changed since you opened this issue. I'm on 3.1.0 from Puppet-forge.
To get it to work for me I had to set crypto policies to LEGACY update-crypto-policies --set LEGACY With a reboot As I am working with an older AD server.
Then update the $::osfamily block. First I changed 'Redhat' to 'CentOS' I did consider changing the == 'Redhat' to in ['RedHat', 'CentOS'] But that would give no overall benefit in my environment. Therefor a simple delete is all that was necessary ;) case $::osfamily { 'RedHat': { if ($::facts['os']['name'] == 'Fedora' and versioncmp($::facts['os']['release']['major'], '28') >= 0) or ( versioncmp($::facts['os']['release']['major'], '8') >= 0) {
#( $::facts['os']['name'] == 'Redhat' and versioncmp($::facts['os']['release']['major'], '8') >= 0) {
if $ensure == 'present' {
I abandoned Centos8 and went back to Centos7 due to the fact Centos8 is EOL in Dec 2021.
I was able to get this module to work with centos8.
The problem seems to be some Yaml files for Centos are missing.
create mode 100644 data/os/Centos/8.yaml
sssd::extra_packages:
'authselect' 'oddjob-mkhomedir' sssd::manage_oddjobd: true
sssd::enable_mkhomedir_flags:
'enablemkhomedir' sssd::disable_mkhomedir_flags: []
Prior to making this change, I saw this on Centos8. [root@lpe2d ~]# puppet agent -tv Notice: Local environment: 'production' doesn't match server specified node environment 'development', switching agent to 'development'. Info: Retrieving pluginfacts Info: Retrieving plugin Info: Retrieving locales Info: Loading facts Info: Caching catalog for lpe2d.chesapeakebay.net Info: Applying configuration version 'lpe1p-development-36bc30c2174' Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: usage: authconfig [-h] [--enablenis] [--disablenis] [--nisdomain]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--nisserver ] [--enableldap] [--disableldap]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--enableldapauth] [--disableldapauth]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--ldapserver ] [--ldapbasedn ]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--enableldaptls] [--disableldaptls] [--enableldapstarttls]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--disableldapstarttls] [--enablerfc2307bis]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--disablerfc2307bis] [--enablesmartcard]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--disablesmartcard] [--smartcardaction <0=Lock|1=Ignore>]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--enablerequiresmartcard] [--disablerequiresmartcard]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--enablefingerprint] [--disablefingerprint] [--enablekrb5]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--disablekrb5] [--krb5kdc ]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--krb5adminserver ] [--krb5realm ]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--enablekrb5kdcdns] [--disablekrb5kdcdns]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--enablekrb5realmdns] [--disablekrb5realmdns]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--enablewinbind] [--disablewinbind] [--enablewinbindauth]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--disablewinbindauth] [--winbindjoin ]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--enablewinbindkrb5] [--disablewinbindkrb5]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--smbworkgroup ] [--enablesssd] [--disablesssd]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--enablesssdauth] [--disablesssdauth] [--enablecachecreds]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--disablecachecreds] [--enablepamaccess]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--disablepamaccess] [--enablemkhomedir]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--disablemkhomedir] [--enablefaillock] [--disablefaillock]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--passminlen ] [--passminclass ]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--passmaxrepeat ] [--passmaxclassrepeat ]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--enablereqlower] [--disablereqlower] [--enablerequpper]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--disablerequpper] [--enablereqdigit] [--disablereqdigit]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--enablereqother] [--disablereqother] [--nostart]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--updateall] [--update] [--kickstart] [--test] [--probe]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--savebackup ] [--restorebackup ]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--restorelastbackup] [--enablecache] [--disablecache]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--enableecryptfs] [--disableecryptfs] [--enableshadow]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--disableshadow] [--useshadow] [--enablemd5] [--disablemd5]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--usemd5]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--passalgo <descrypt|bigcrypt|md5|sha256|sha512>]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--ldaploadcacert ] [--smartcardmodule ]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--smbsecurity <user|server|domain|ads>]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--smbrealm ] [--smbservers ]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--smbidmaprange ]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--smbidmapuid ]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--smbidmapgid ] [--winbindseparator <>]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--winbindtemplatehomedir </home/%D/%U>]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--winbindtemplateshell </bin/false>]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--enablewinbindusedefaultdomain]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--disablewinbindusedefaultdomain] [--enablewinbindoffline]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--disablewinbindoffline] [--enablepreferdns]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--disablepreferdns] [--enableforcelegacy]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--disableforcelegacy] [--enablelocauthorize]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--disablelocauthorize] [--enablesysnetauth]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: [--disablesysnetauth] [--faillockargs ]
Notice: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: authconfig: error: unrecognized arguments: with-mkhomedir
Error: '/usr/sbin/authconfig with-mkhomedir --update' returned 2 instead of one of [0]
Error: /Stage[main]/Sssd/Exec[authconfig-mkhomedir]/returns: change from 'notrun' to ['0'] failed: '/usr/sbin/authconfig with-mkhomedir --update' returned 2 instead of one of [0] (corrective)