RE: (FIXED!) ldap users (after ldap config) in chef run

I just needed to rerun ohai after configuring ldap…

If you configure ldap for the first time, ohai will not know about
the accounts within that run.

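    ruby_block "reload_ohai" do
      block do
        # The right-hand sides were cut off in the post; Ohai::System.new,
        # all_plugins and data are the usual Ohai calls (assumed).
        ohai = Ohai::System.new
        ohai.all_plugins
        node.automatic_attrs = ohai.data
      end
      action :nothing
    end

    # Install the template
    template "/etc/ldap.conf" do
      source "ldap.conf.erb"
      owner "root"
      group "root"
      mode 0644
      # The timing argument was cut off in the post; :immediately (assumed)
      # reloads ohai as soon as ldap.conf changes, within the same run.
      notifies :create, resources(:ruby_block => 'reload_ohai'), :immediately
    end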

From: Van Fossan,Randy
Sent: Wednesday, March 21, 2012 3:22 PM
Subject: ldap users (after ldap config) in chef run

I have a base role that configures ldap on the client and cycles the
nscd daemon. Later in that role I try to create some directories
using “owner” and “group” from these ldap accounts. It always fails on
the first pass through. If I run it again, it will work fine.

I suspect that the chef run cannot yet see these accounts until after
the chef run is complete. If I run 'getent passwd | grep account'
right after the chef run, I can indeed see the account.

Anyone have any idea how to deal with ldap account changes within a chef
run? Does ohai need to be rerun in the middle of the run somehow?
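
An added example, not part of the original thread: a Ruby helper that does the `getent passwd` check from the question programmatically, polling NSS until the LDAP accounts resolve so a recipe can fail early with a clear message before the directory resources run. The function names, retry defaults and the injectable `lookup`/`sleeper` parameters are assumptions made for this example.

```ruby
require 'etc'

# Return the passwd entry for +name+ as seen through NSS (files, LDAP, ...),
# or nil when the account does not resolve. Etc.getpwnam raises ArgumentError
# for an unknown user, which is what a not-yet-visible LDAP account looks like.
# +lookup+ is injectable (assumption of this example) so it can be tested offline.
def nss_user(name, lookup: Etc.method(:getpwnam))
  lookup.call(name)
rescue ArgumentError
  nil
end

# Poll until every account in +names+ resolves or the attempts run out.
# Returns the names that are still missing; an empty array means all of
# them are visible to this process.
def missing_accounts(names, attempts: 5, delay: 1,
                     lookup: Etc.method(:getpwnam),
                     sleeper: Kernel.method(:sleep))
  missing = names.dup
  attempts.times do |i|
    missing = missing.reject { |n| nss_user(n, lookup: lookup) }
    break if missing.empty?
    sleeper.call(delay) if i < attempts - 1
  end
  missing
end

# Sketch of use inside a recipe (hypothetical account name), placed after the
# ldap.conf template and nscd restart and before the directory resources:
#
#   ruby_block "verify_ldap_accounts" do
#     block do
#       gone = missing_accounts(%w[appuser])
#       raise "LDAP accounts not visible via NSS: #{gone.join(', ')}" unless gone.empty?
#     end
#   end

if __FILE__ == $PROGRAM_NAME
  # Constructed demo: report which of the given names do not resolve locally.
  names = ARGV.empty? ? %w[root] : ARGV
  puts "missing: #{missing_accounts(names, attempts: 1).inspect}"
end
```
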