Puppet Class: realmd::join::password
- Defined in:
- manifests/join/password.pp
Overview
Class realmd::join::password
This class is called from realmd for joining AD using a username and password.
6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 |
# File 'manifests/join/password.pp', line 6
class realmd::join::password {
$_domain = $realmd::domain
$_user = $realmd::domain_join_user
$_password = $realmd::domain_join_password
$_ou = $realmd::ou
$_extra_join_options = $realmd::extra_join_options
if $realmd::computer_name != undef {
$_computer_name = $realmd::computer_name
} else {
$_computer_name = $::hostname[0,15]
}
if $facts['os']['name'] == 'Ubuntu' {
$_computer_name_arg = $facts['os']['distro']['codename'] ? {
'focal' => '',
'jammy' => '',
default => ["--computer-name=${_computer_name}"],
}
} elsif ($facts['os']['family'] == 'RedHat' and Integer($facts['os']['release']['major']) >= 8) {
$_computer_name_arg = ''
}
else {
$_computer_name_arg = ["--computer-name=${_computer_name}"]
}
if $_ou != undef {
$_realm_args = [$_domain, '--unattended', "--computer-ou='${_ou}'", "--user=${_user}"]
} else {
$_realm_args = [$_domain, '--unattended', "--user=${_user}"]
}
$_args = strip(join(concat($_realm_args, $_computer_name_arg, $_extra_join_options), ' '))
file { '/usr/libexec':
ensure => 'directory',
}
file { '/usr/libexec/realm_join_with_password':
ensure => file,
owner => '0',
group => '0',
mode => '0755',
content => template('realmd/realm_join_with_password.erb'),
notify => Exec['realm_join_with_password'],
}
$_command = "/usr/libexec/realm_join_with_password realm join ${_args}"
exec { 'realm_join_with_password':
environment => ["AD_JOIN_PASSWORD=${_password}"],
path => '/usr/bin:/usr/sbin:/bin',
command => $_command,
unless => "klist -k /etc/krb5.keytab | grep -i '${_computer_name}@${_domain}'",
}
}
|