I’ve been working with chef-server now for a bit as we’re looking for a good
way to manage both physical and cloud based instances. Chef certainly does
this quite well, however, when you have multiple organizations and people
managing the same servers it becomes difficult to properly control things.
Looking at the Opscode Platform, there’s a ton of control for this (RBAC and
multiple organizations). I would like to possibly implement similar controls
using (Open)LDAP as the backend and wondering if anyone else has gone down
this road. If you have any insight at all at possible problems, or a working
proof of concept I think this would be a great addition for the chef
I can be reached as “crazed” in #chef-hacking (freenode) if you want to
discuss this elsewhere.