UNIX single sign-on using EPFL's LDAP and Kerberos servers
Install Puppet standalone then, as root:
puppet module install epflsti-epfl_sso# Install the modulepuppet apply -e "class { 'quirks': } class { 'quirks::pluginsync': }"# Repeat if prompted to- Then, apply the epfl_sso class:
puppet apply -e "class { 'epfl_sso': allowed_users_and_groups => 'user1 user2 (group1) (group2)', join_domain => 'OU=IEL-GE-Servers,OU=IEL-GE,OU=IEL,OU=STI', auth_source => 'AD', directory_source => 'AD' }" - And if you want NFS connectivity too:
puppet apply -e "class { 'epfl_sso::nfs': }"
Note: user1 & user2 are GASPAR usernames (or local account) and group1 and group2 are EPFL groups which are visible in ldap.epfl.ch, in example:
puppet apply -e "class { 'epfl_sso': allowed_users_and_groups => 'admin nborboen (stiitlinux)' }"
where admin is a local account, nborboen a GASPAR username and stiitlinux a EPFL group.
(in case the one on puppet lab is now up-to-date; please try the one-shot method first !)
- Be sure to remove previous version:
puppet module uninstall epflsti-epfl_sso(add--ignore-changesif needed) - Go in the puppet folder:
cd /etc/puppet/module - Remove
epfl_sso(but it should have been done from step 1) - Clone the repo here:
git clone https://github.com/epfl-sti/puppet.epfl_sso.git /etc/puppet/module/epfl_sso - Apply one-shot step 3.
- Be sure to remove previous version:
puppet module uninstall epflsti-epfl_sso(add--ignore-changesif needed) - Clone the repo:
git clone https://github.com/epfl-sti/puppet.epfl_sso.git - tar the repo:
tar -czvf epfl_sso_latest.tar.gz puppet.epfl_sso - Install the module:
puppet module install epfl_sso_latest.tar.gz - Apply one-shot step 3.