RE: (FIXED!) ldap users (after ldap config) in chef run

Chef Infra (archive)
1

I just needed to rerun ohai after configuring ldap…

http://lists.opscode.com/sympa/arc/chef/2010-07/msg00234.html

If you configure ldap for the first time, ohai will not know about

the accounts within that run.

ruby_block “reload_ohai” do

block do

ohai = Ohai::System.new

ohai.all_plugins

node.automatic_attrs = ohai.data

node.save

end

action :nothing

end

Install the template

template “/etc/ldap.conf” do

source “ldap.conf.erb”

owner “root”

group “root”

mode 0644

notifies :create, resources(:ruby_block => ‘reload_ohai’),
:immediately

end

From: Van Fossan,Randy
Sent: Wednesday, March 21, 2012 3:22 PM
To: chef@lists.opscode.com
Subject: ldap users (after ldap config) in chef run

I have a base role that configures ldap on the client and cycles the
nscd daemon. Later in that role I try to create some directories
using “owner” and “group” from these ldap accounts. It always fails on
the first pass through. If I run it again, it will work fine.

I suspect that the chef run cannot yet see these accounts until after
the chef run is complete. If I run 'getent passwd | grep account’
right after the chef run, I can indeed see the account.

Anyone have any idea how to deal with ldap account changes within a chef
run? Does ohai need to be rerun in the middle of the run somehow?

Thanks

Randy