I just added "node default {}" to the site.pp and LDAP ENC has
"magically" started working. This is not mentioned nowhere in Pulling
strings, I can''t comment on Pro Puppet since I don''t have it,
and
based on my reading of the LDAP_Nodes wiki page I took the "default
nodes" section to mean this was only necessary if a node wasn''t
note
defined, which mine are in LDAP.
It''s very frustrating to have wasted hours of time trying to debug a
non-issue when simply stating that you must set "node default {}" in
site.pp order for this to work. I will clarify this note in the wiki
w/the hopes it will save other such frustrations.
--
Later,
Darin
On Fri, Jan 6, 2012 at 11:56 AM, Darin Perusich <darin@darins.net>
wrote:> Hello All,
>
> I''m trying to get LDAP Nodes working but it''s failing on
my puppet
> master with "err: Could not find default node or by name with
> ''node.example.com, node.example, node,'' on node
node.example.com", the
> client of course error''s with "Could not retrieve catalog
from remote
> server:". A review of the ldap server access log shows a successfully
> query, log entries below, so I''m really at a loss as to why things
are
> failing. I''ve pretty much set things up as detail in the
LDAP_Nodes
> wiki page and from the Pulling strings book.
>
> I''m running Puppet via mod_passenger and I''ve set
"rails_loglevel > debug" but it doesn''t provide any
messages related to why the ldap
> lookup is failing. I''ve start tried starting puppetmasterd with
> "--no-daemonize --verbose --debug" but it also tells me nothing
to
> point me in the right direction. I''ve also tried
strace''ing
> puppetmasterd but again nothing. Is there anyway I can get some useful
> debugging enabled?
>
> Puppet 2.7.9 (both client and server)
> ruby-ldap 0.9.9
> % ruby -rldap -e ''puts :installed''
> installed
> % ruby -rpuppet -e ''p Puppet.features.ldap?''
> true
>
> ldapsearch -x -LLL -h 1.1.1.2 -b ou=hosts,dc=example,dc=com
> "(&(objectclass=puppetClient)(cn=*))"
> dn: cn=default,ou=hosts,dc=example,dc=com
> cn: default
> puppetClass: common
> objectClass: device
> objectClass: puppetClient
> objectClass: top
>
> dn: cn=node.example.com,ou=hosts,dc=example,dc=com
> parentNode: basenode
> objectClass: device
> objectClass: puppetClient
> objectClass: ipHost
> objectClass: top
> ipHostNumber: 1.1.1.6
> cn: node.example.com
>
> dn: cn=basenode,ou=hosts,dc=example,dc=com
> cn: basenode
> puppetClass: common
> objectClass: device
> objectClass: puppetClient
> objectClass: top
>
> LDAP Access log entry:
> [06/Jan/2012:11:33:12 -0500] CONNECT conn=170 from=1.1.1.6:44213
> to=1.1.1.2:389 protocol=LDAP
> [06/Jan/2012:11:33:12 -0500] BIND REQ conn=170 op=0 msgID=1 type=SIMPLE
dn=""
> [06/Jan/2012:11:33:12 -0500] BIND RES conn=170 op=0 msgID=1 result=0
> authDN="" etime=0
> [06/Jan/2012:11:33:12 -0500] SEARCH REQ conn=170 op=1 msgID=2
> base="ou=hosts,dc=example,dc=com" scope=wholeSubtree
> filter="(&(objectclass=puppetClient)(cn=node.example.com))"
> attrs="ALL"
> [06/Jan/2012:11:33:12 -0500] SEARCH RES conn=170 op=1 msgID=2 result=0
> nentries=1 etime=1
> [06/Jan/2012:11:33:12 -0500] SEARCH REQ conn=170 op=2 msgID=3
> base="ou=hosts,dc=example,dc=com" scope=wholeSubtree
> filter="(&(objectclass=puppetClient)(cn=basenode))"
attrs="ALL"
> [06/Jan/2012:11:33:12 -0500] SEARCH RES conn=170 op=2 msgID=3 result=0
> nentries=1 etime=0
> [06/Jan/2012:11:33:16 -0500] UNBIND REQ conn=170 op=3 msgID=4
> [06/Jan/2012:11:33:16 -0500] DISCONNECT conn=170 reason="Client
Unbind"
>
> Thanks!
> --
> Later,
> Darin
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.