Commit 768c6ea0 authored by Scott Barthelemy's avatar Scott Barthelemy Committed by Fabien Combernous

Resolve "ensure administrator account is updated"

parent b24339ef
# @summary This class manages admin accounts. It will create/give rights to any admin accounts missing. It will delete accounts set in Hiera to be deleted.
#
# @example
# include freeipa::config::humanadmins
class freeipa::config::humanadmins {
# Get domain in shape for ldappasswd
$dc_domain_split = regsubst($freeipa::domain, '([^.]+)\.*', 'dc=\1,', 'G')
$dc = regsubst($dc_domain_split, ',$', '')
exec { 'kinit as puppet_admin':
command => 'kinit admin -k -t /home/admin/admin.keytab',
}
# Loop through $human_admins
$freeipa::humanadmins.each | String $adminname, Hash[Enum['password','ensure'], String] $adminsettings | {
$_ensure_admin = $adminsettings['ensure'] ? {
Undef => 'present',
default => assert_type(Enum['present','absent'], $adminsettings['ensure']),
}
case $_ensure_admin {
'present': {
exec { "Create ${adminname} account":
command => "ipa user-add ${adminname} --first=${adminname} --last=${adminname} ",
unless => "ipa user-show ${adminname} | grep login",
}
-> exec { "Add ${adminname} account to admins group in FreeIPA":
command => "ipa group-add-member admins --users=${adminname}",
unless => "ipa group-show admins | grep ${adminname}",
}
-> exec { "Update ${adminname} password":
command => "ldappasswd -Z -H ldap://localhost -x -D \"cn=Directory Manager\" -w ${freeipa::directory_services_password} -s ${adminsettings['password']} \"uid=${adminname},cn=users,cn=accounts,${dc}\"",
}
}
'absent': {
exec { "Delete ${adminname} account":
command => "ipa user-del ${adminname}",
}
}
default: { fail("unexpected value ${adminsettings['ensure']}") }
}
}
}
...@@ -6,7 +6,7 @@ ...@@ -6,7 +6,7 @@
# ipa_role => 'master', # ipa_role => 'master',
# domain => 'example.lan', # domain => 'example.lan',
# ipa_server_fqdn => 'ipa-server-1.example.lan', # ipa_server_fqdn => 'ipa-server-1.example.lan',
# admin_password => 'vagrant123', # puppet_admin_password => 'vagrant123',
# directory_services_password => 'vagrant123', # directory_services_password => 'vagrant123',
# install_ipa_server => true, # install_ipa_server => true,
# ip_address => '10.10.10.35', # ip_address => '10.10.10.35',
...@@ -17,6 +17,7 @@ ...@@ -17,6 +17,7 @@
# webui_disable_kerberos => true, # webui_disable_kerberos => true,
# webui_enable_proxy => true, # webui_enable_proxy => true,
# webui_force_https => true, # webui_force_https => true,
# admins => [ 'admin', 'admin2' ],
# } # }
# #
# Parameters # Parameters
...@@ -69,56 +70,59 @@ ...@@ -69,56 +70,59 @@
# This is necessary to allow the WebUI to be accessed behind a reverse proxy when using nonstandard ports. # This is necessary to allow the WebUI to be accessed behind a reverse proxy when using nonstandard ports.
# @param webui_proxy_external_fqdn The public or external FQDN used to access the IPA Web UI behind the reverse proxy. # @param webui_proxy_external_fqdn The public or external FQDN used to access the IPA Web UI behind the reverse proxy.
# @param webui_proxy_https_port The HTTPS port to use for the reverse proxy. Cannot be 443. # @param webui_proxy_https_port The HTTPS port to use for the reverse proxy. Cannot be 443.
# @param $admins The list of admin accounts in freeipa. (The list of users who belong to admins group)
# #
# #
class freeipa ( class freeipa (
Stdlib::Fqdn $domain, Stdlib::Fqdn $domain,
Enum['master','replica','client'] $ipa_role, Enum['master','replica','client'] $ipa_role,
String[8] $admin_password, String[8] $puppet_admin_password,
String[8] $directory_services_password, String[8] $directory_services_password,
Stdlib::IP::Address $ip_address, Stdlib::IP::Address $ip_address,
Stdlib::Fqdn $ipa_master_fqdn, Stdlib::Fqdn $ipa_master_fqdn,
Stdlib::Fqdn $realm = upcase($domain), Stdlib::Fqdn $realm = upcase($domain),
String $autofs_package_name = 'autofs', Freeipa::Humanadmins $humanadmins = {},
Boolean $client_install_ldaputils = false, String $autofs_package_name = 'autofs',
Boolean $configure_dns_server = true, Boolean $client_install_ldaputils = false,
Boolean $configure_ntp = true, Boolean $configure_dns_server = true,
Array[String] $custom_dns_forwarders = [], Boolean $configure_ntp = true,
String $principal_usedto_joindomain = 'admin', Array[String] $custom_dns_forwarders = [],
String $password_usedto_joindomain = $directory_services_password, String $principal_usedto_joindomain = 'admin',
Boolean $enable_hostname = true, String $password_usedto_joindomain = $puppet_admin_password,
Boolean $enable_ip_address = false, Boolean $enable_manage_admins = true,
Boolean $fixed_primary = false, Boolean $enable_hostname = true,
Integer[10000] $idstart = 10000, Boolean $enable_ip_address = false,
Boolean $install_autofs = false, Boolean $fixed_primary = false,
Boolean $install_epel = true, Integer[10000] $idstart = 10000,
Boolean $install_kstart = true, Boolean $install_autofs = false,
Boolean $install_sssdtools = true, Boolean $install_epel = true,
String $ipa_client_package_name = $facts['os']['family'] ? { Boolean $install_kstart = true,
Boolean $install_sssdtools = true,
String $ipa_client_package_name = $facts['os']['family'] ? {
'Debian' => 'freeipa-client', 'Debian' => 'freeipa-client',
default => 'ipa-client', default => 'ipa-client',
}, },
String $ipa_server_package_name = 'ipa-server', String $ipa_server_package_name = 'ipa-server',
Boolean $install_ipa_client = true, Boolean $install_ipa_client = true,
Boolean $install_ipa_server = true, Boolean $install_ipa_server = true,
Boolean $install_sssd = true, Boolean $install_sssd = true,
Stdlib::Fqdn $ipa_server_fqdn = $facts['networking']['fqdn'], Stdlib::Fqdn $ipa_server_fqdn = $facts['networking']['fqdn'],
String $kstart_package_name = 'kstart', String $kstart_package_name = 'kstart',
String $ldaputils_package_name = $facts['os']['family'] ? { String $ldaputils_package_name = $facts['os']['family'] ? {
'Debian' => 'ldap-utils', 'Debian' => 'ldap-utils',
default => 'openldap-clients', default => 'openldap-clients',
}, },
Boolean $manage_host_entry = false, Boolean $manage_host_entry = false,
Boolean $mkhomedir = true, Boolean $mkhomedir = true,
Boolean $no_ui_redirect = false, Boolean $no_ui_redirect = false,
Boolean $server_install_ldaputils = true, Boolean $server_install_ldaputils = true,
String $sssd_package_name = 'sssd-common', String $sssd_package_name = 'sssd-common',
String $sssdtools_package_name = 'sssd-tools', String $sssdtools_package_name = 'sssd-tools',
Boolean $webui_disable_kerberos = false, Boolean $webui_disable_kerberos = false,
Boolean $webui_enable_proxy = false, Boolean $webui_enable_proxy = false,
Boolean $webui_force_https = false, Boolean $webui_force_https = false,
Stdlib::Fqdn $webui_proxy_external_fqdn = 'localhost', Stdlib::Fqdn $webui_proxy_external_fqdn = 'localhost',
String $webui_proxy_https_port = '8440', String $webui_proxy_https_port = '8440',
) { ) {
if $facts['kernel'] != 'Linux' or $facts['osfamily'] == 'Windows' { if $facts['kernel'] != 'Linux' or $facts['osfamily'] == 'Windows' {
...@@ -142,4 +146,3 @@ class freeipa ( ...@@ -142,4 +146,3 @@ class freeipa (
class {'::freeipa::install':} class {'::freeipa::install':}
} }
...@@ -104,6 +104,10 @@ class freeipa::install::server { ...@@ -104,6 +104,10 @@ class freeipa::install::server {
freeipa::helpers::flushcache { "server_${freeipa::ipa_server_fqdn}": } freeipa::helpers::flushcache { "server_${freeipa::ipa_server_fqdn}": }
class {'freeipa::config::admin_user': } class {'freeipa::config::admin_user': }
if $freeipa::ipa_role == 'master' and $freeipa::enable_manage_admins {
class {'freeipa::config::humanadmins':}
}
} else { } else {
fail ("to change ipa_role from '${facts['iparole']}' to '${freeipa::ipa_role}' is not supported.") fail ("to change ipa_role from '${facts['iparole']}' to '${freeipa::ipa_role}' is not supported.")
} }
......
...@@ -9,7 +9,7 @@ class freeipa::install::server::master { ...@@ -9,7 +9,7 @@ class freeipa::install::server::master {
${freeipa::install::server::server_install_cmd_opts_hostname} \ ${freeipa::install::server::server_install_cmd_opts_hostname} \
--realm=${freeipa::realm} \ --realm=${freeipa::realm} \
--domain=${freeipa::domain} \ --domain=${freeipa::domain} \
--admin-password='${freeipa::admin_password}' \ --admin-password='${freeipa::puppet_admin_password}' \
--ds-password='${freeipa::directory_services_password}' \ --ds-password='${freeipa::directory_services_password}' \
${freeipa::install::server::server_install_cmd_opts_setup_dns} \ ${freeipa::install::server::server_install_cmd_opts_setup_dns} \
${freeipa::install::server::server_install_cmd_opts_forwarders} \ ${freeipa::install::server::server_install_cmd_opts_forwarders} \
...@@ -40,6 +40,7 @@ class freeipa::install::server::master { ...@@ -40,6 +40,7 @@ class freeipa::install::server::master {
minute => '*/1', minute => '*/1',
require => Package[$freeipa::kstart_package_name], require => Package[$freeipa::kstart_package_name],
} }
} else { } else {
fail ("to change ipa_role from '${facts['iparole']}' to 'master' is not supported.") fail ("to change ipa_role from '${facts['iparole']}' to 'master' is not supported.")
} }
......
require 'spec_helper'
describe 'freeipa::install::autofs' do
on_supported_os.each do |os, os_facts|
context "on #{os}" do
let(:facts) { os_facts }
let(:pre_condition) do
manifest = <<-EOS
class{ 'freeipa' :
ipa_role => 'master',
ipa_master_fqdn => 'master.example.lan',
ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan',
password_usedto_joindomain => 'foobartest',
puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest',
ip_address => '10.10.10.35',
}
EOS
manifest
end
it { is_expected.to compile }
end
end
end
...@@ -9,12 +9,14 @@ describe 'freeipa class' do ...@@ -9,12 +9,14 @@ describe 'freeipa class' do
ipa_role => 'master', ipa_role => 'master',
domain => 'example.lan', domain => 'example.lan',
ipa_server_fqdn => 'ipa-server-1.example.lan', ipa_server_fqdn => 'ipa-server-1.example.lan',
admin_password => 'vagrant123', puppet_admin_password => 'vagrant123',
directory_services_password => 'vagrant123', directory_services_password => 'vagrant123',
humanadmins => { foo => { password => 'vagrant123', ensure => 'present'}, bar => { password => 'vagrant123', ensure => 'present'} },
install_ipa_server => true, install_ipa_server => true,
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
enable_ip_address => true, enable_ip_address => true,
enable_hostname => true, enable_hostname => true,
enable_manage_admins => false,
manage_host_entry => true, manage_host_entry => true,
install_epel => true, install_epel => true,
webui_disable_kerberos => true, webui_disable_kerberos => true,
...@@ -42,7 +44,7 @@ describe 'freeipa class' do ...@@ -42,7 +44,7 @@ describe 'freeipa class' do
ipa_role => 'replica', ipa_role => 'replica',
domain => 'example.lan', domain => 'example.lan',
ipa_server_fqdn => 'ipa-server-2.example.lan', ipa_server_fqdn => 'ipa-server-2.example.lan',
admin_password => 'vagrant123', puppet_admin_password => 'vagrant123',
directory_services_password => 'vagrant123', directory_services_password => 'vagrant123',
password_usedto_joindomain => 'vagrant123', password_usedto_joindomain => 'vagrant123',
install_ipa_server => true, install_ipa_server => true,
...@@ -73,7 +75,7 @@ describe 'freeipa class' do ...@@ -73,7 +75,7 @@ describe 'freeipa class' do
class {'freeipa': class {'freeipa':
ipa_role => 'client', ipa_role => 'client',
domain => 'example.lan', domain => 'example.lan',
admin_password => 'vagrant123', puppet_admin_password => 'vagrant123',
directory_services_password => 'vagrant123', directory_services_password => 'vagrant123',
password_usedto_joindomain => 'vagrant123', password_usedto_joindomain => 'vagrant123',
ip_address => '10.10.10.37', ip_address => '10.10.10.37',
...@@ -96,7 +98,7 @@ describe 'freeipa class' do ...@@ -96,7 +98,7 @@ describe 'freeipa class' do
ipa_role => 'replica', ipa_role => 'replica',
domain => 'example.lan', domain => 'example.lan',
ipa_server_fqdn => 'ipa-server-1.example.lan', ipa_server_fqdn => 'ipa-server-1.example.lan',
admin_password => 'vagrant123', puppet_admin_password => 'vagrant123',
directory_services_password => 'vagrant123', directory_services_password => 'vagrant123',
install_ipa_server => true, install_ipa_server => true,
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
...@@ -123,7 +125,7 @@ describe 'freeipa class' do ...@@ -123,7 +125,7 @@ describe 'freeipa class' do
class { 'freeipa': class { 'freeipa':
ipa_role => 'client', ipa_role => 'client',
domain => 'example.lan', domain => 'example.lan',
admin_password => 'vagrant123', puppet_admin_password => 'vagrant123',
directory_services_password => 'vagrant123', directory_services_password => 'vagrant123',
password_usedto_joindomain => 'vagrant123', password_usedto_joindomain => 'vagrant123',
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
...@@ -195,4 +197,62 @@ describe 'freeipa class' do ...@@ -195,4 +197,62 @@ describe 'freeipa class' do
end end
end end
end end
context 'Test creation of admin accounts' do
hosts_as('master').each do |master|
it 'updates admin password' do
pp = <<-EOS
class { 'freeipa':
ipa_role => 'master',
domain => 'example.lan',
ipa_server_fqdn => 'ipa-server-1.example.lan',
puppet_admin_password => 'vagrant123',
directory_services_password => 'vagrant123',
humanadmins => { foo => { password => 'vagrant123', ensure => 'present'}, bar => { password => 'vagrant123'} },
install_ipa_server => true,
ip_address => '10.10.10.35',
enable_ip_address => true,
enable_hostname => true,
manage_host_entry => true,
install_epel => true,
webui_disable_kerberos => true,
webui_enable_proxy => true,
webui_force_https => true,
ipa_master_fqdn => 'ipa-server-1.example.lan',
}
EOS
apply_manifest_on(master, pp, catch_failures: true)
end
end
end
context 'Test update and delete on admin accounts' do
hosts_as('master').each do |master|
it 'updates admin password' do
pp = <<-EOS
class { 'freeipa':
ipa_role => 'master',
domain => 'example.lan',
ipa_server_fqdn => 'ipa-server-1.example.lan',
puppet_admin_password => 'vagrant123',
directory_services_password => 'vagrant123',
humanadmins => { foo => { password => 'beaker456', ensure => 'present'}, bar => { password => 'vagrant123', ensure => 'absent'} },
install_ipa_server => true,
ip_address => '10.10.10.35',
enable_ip_address => true,
enable_hostname => true,
manage_host_entry => true,
install_epel => true,
webui_disable_kerberos => true,
webui_enable_proxy => true,
webui_force_https => true,
ipa_master_fqdn => 'ipa-server-1.example.lan',
}
EOS
apply_manifest_on(master, pp, catch_failures: true)
end
end
end
end end
...@@ -13,7 +13,7 @@ describe 'freeipa::config::admin_user' do ...@@ -13,7 +13,7 @@ describe 'freeipa::config::admin_user' do
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan', domain => 'example.lan',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
} }
......
require 'spec_helper'
describe 'freeipa::config::humanadmins' do
on_supported_os.each do |os, os_facts|
context "on #{os}" do
let(:pre_condition) do
manifest = <<-EOS
class{ 'freeipa' :
ipa_role => 'master',
ipa_master_fqdn => 'master.example.lan',
ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan',
password_usedto_joindomain => 'foobartest',
puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest',
ip_address => '10.10.10.35',
}
EOS
manifest
end
let(:facts) { os_facts }
it { is_expected.to compile }
end
end
end
...@@ -13,7 +13,7 @@ describe 'freeipa::config::webui' do ...@@ -13,7 +13,7 @@ describe 'freeipa::config::webui' do
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan', domain => 'example.lan',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
} }
......
...@@ -12,7 +12,7 @@ describe 'freeipa' do ...@@ -12,7 +12,7 @@ describe 'freeipa' do
ipa_master_fqdn: 'foo.example.lan', ipa_master_fqdn: 'foo.example.lan',
domain: 'example.lan', domain: 'example.lan',
password_usedto_joindomain: 'foobartest', password_usedto_joindomain: 'foobartest',
admin_password: 'vagrant123', puppet_admin_password: 'vagrant123',
directory_services_password: 'vagrant123', directory_services_password: 'vagrant123',
ip_address: '10.10.10.35' ip_address: '10.10.10.35'
} }
......
...@@ -12,11 +12,11 @@ describe 'freeipa', type: :class do ...@@ -12,11 +12,11 @@ describe 'freeipa', type: :class do
let :params do let :params do
{ {
ipa_role: 'master', ipa_role: 'master',
domain: 'rspec.example.lan', domain: 'example.lan',
admin_password: 'rspecrspec123', puppet_admin_password: 'rspecrspec123',
directory_services_password: 'rspecrspec123', directory_services_password: 'rspecrspec123',
ip_address: '10.10.10.35', ip_address: '10.10.10.35',
ipa_master_fqdn: 'master.rspec.example.lan' ipa_master_fqdn: 'master.example.lan'
} }
end end
...@@ -48,11 +48,11 @@ describe 'freeipa', type: :class do ...@@ -48,11 +48,11 @@ describe 'freeipa', type: :class do
let :params do let :params do
{ {
ipa_role: 'replica', ipa_role: 'replica',
domain: 'rspec.example.lan', domain: 'example.lan',
admin_password: 'rspecrspec123', puppet_admin_password: 'rspecrspec123',
directory_services_password: 'rspecrspec123', directory_services_password: 'rspecrspec123',
ip_address: '10.10.10.36', ip_address: '10.10.10.36',
ipa_master_fqdn: 'replica.rspec.example.lan', ipa_master_fqdn: 'replica.example.lan',
password_usedto_joindomain: 'rspecrspec123' password_usedto_joindomain: 'rspecrspec123'
} }
end end
...@@ -87,11 +87,11 @@ describe 'freeipa', type: :class do ...@@ -87,11 +87,11 @@ describe 'freeipa', type: :class do
let :params do let :params do
{ {
ipa_role: 'client', ipa_role: 'client',
domain: 'rspec.example.lan', domain: 'example.lan',
admin_password: 'rspecrspec123', puppet_admin_password: 'rspecrspec123',
directory_services_password: 'rspecrspec123', directory_services_password: 'rspecrspec123',
ip_address: '10.10.10.36', ip_address: '10.10.10.36',
ipa_master_fqdn: 'client.rspec.example.lan', ipa_master_fqdn: 'client.example.lan',
password_usedto_joindomain: 'rspecrspec123' password_usedto_joindomain: 'rspecrspec123'
} }
end end
......
...@@ -14,7 +14,7 @@ describe 'freeipa::install::autofs' do ...@@ -14,7 +14,7 @@ describe 'freeipa::install::autofs' do
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan', domain => 'example.lan',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
} }
......
...@@ -13,7 +13,7 @@ describe 'freeipa::install::client' do ...@@ -13,7 +13,7 @@ describe 'freeipa::install::client' do
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan', domain => 'example.lan',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
} }
...@@ -38,7 +38,7 @@ describe 'freeipa::install::client' do ...@@ -38,7 +38,7 @@ describe 'freeipa::install::client' do
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan', domain => 'example.lan',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
} }
...@@ -63,7 +63,7 @@ describe 'freeipa::install::client' do ...@@ -63,7 +63,7 @@ describe 'freeipa::install::client' do
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan', domain => 'example.lan',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
} }
......
...@@ -12,7 +12,7 @@ describe 'freeipa::install::server::master' do ...@@ -12,7 +12,7 @@ describe 'freeipa::install::server::master' do
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan', domain => 'example.lan',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
} }
...@@ -38,7 +38,7 @@ describe 'freeipa::install::server::master' do ...@@ -38,7 +38,7 @@ describe 'freeipa::install::server::master' do
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan', domain => 'example.lan',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
} }
...@@ -63,7 +63,7 @@ describe 'freeipa::install::server::master' do ...@@ -63,7 +63,7 @@ describe 'freeipa::install::server::master' do
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan', domain => 'example.lan',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
} }
...@@ -88,7 +88,7 @@ describe 'freeipa::install::server::master' do ...@@ -88,7 +88,7 @@ describe 'freeipa::install::server::master' do
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan', domain => 'example.lan',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
} }
......
...@@ -12,7 +12,7 @@ describe 'freeipa::install::server::replica' do ...@@ -12,7 +12,7 @@ describe 'freeipa::install::server::replica' do
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan', domain => 'example.lan',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
} }
...@@ -38,7 +38,7 @@ describe 'freeipa::install::server::replica' do ...@@ -38,7 +38,7 @@ describe 'freeipa::install::server::replica' do
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan', domain => 'example.lan',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
} }
...@@ -63,7 +63,7 @@ describe 'freeipa::install::server::replica' do ...@@ -63,7 +63,7 @@ describe 'freeipa::install::server::replica' do
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan', domain => 'example.lan',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
} }
...@@ -88,7 +88,7 @@ describe 'freeipa::install::server::replica' do ...@@ -88,7 +88,7 @@ describe 'freeipa::install::server::replica' do
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan', domain => 'example.lan',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
} }
......
...@@ -15,7 +15,7 @@ describe 'freeipa::install::server' do ...@@ -15,7 +15,7 @@ describe 'freeipa::install::server' do
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan', domain => 'example.lan',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
} }
...@@ -40,7 +40,7 @@ describe 'freeipa::install::server' do ...@@ -40,7 +40,7 @@ describe 'freeipa::install::server' do
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan', domain => 'example.lan',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
} }
...@@ -65,7 +65,7 @@ describe 'freeipa::install::server' do ...@@ -65,7 +65,7 @@ describe 'freeipa::install::server' do
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan', domain => 'example.lan',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
ip_address => '10.10.10.35', ip_address => '10.10.10.35',
} }
......
...@@ -14,7 +14,7 @@ describe 'freeipa::install::sssd' do ...@@ -14,7 +14,7 @@ describe 'freeipa::install::sssd' do
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.lan',
domain => 'example.lan', domain => 'example.lan',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
admin_password => 'foobartest', puppet_admin_password => 'foobartest',