diff --git a/Gemfile b/Gemfile index 723eeb8..2ade3b0 100644 --- a/Gemfile +++ b/Gemfile @@ -15,4 +15,5 @@ gem 'facter', '>= 1.7.0' # rspec must be v2 for ruby 1.8.7 if RUBY_VERSION >= '1.8.7' and RUBY_VERSION < '1.9' gem 'rspec', '~> 2.0' + gem 'rake', '~> 10.4.2' end diff --git a/README.md b/README.md index 5e345b1..99ae0ee 100644 --- a/README.md +++ b/README.md @@ -349,11 +349,11 @@ node 'splunk-sh.internal.corp.tld' { auth => { authtype => 'LDAP', ldap_host => 'dc01.testlab.local', - ldap_bindDN => 'CN=Splunk Service Account,CN=Users,DC=corp,DC=tld', - ldap_bindDNpassword => 'changeme', - ldap_SSLEnabled => 0, - ldap_userBaseDN => 'CN=Users,DC=corp,DC=tld', - ldap_groupBaseDN => 'CN=Users,DC=corp,DC=tld;OU=Groups,DC=corp,DC=tld', + ldap_binddn => 'CN=Splunk Service Account,CN=Users,DC=corp,DC=tld', + ldap_binddnpassword => 'changeme', + ldap_sslenabled => 0, + ldap_userbasedn => 'CN=Users,DC=corp,DC=tld', + ldap_groupbasedn => 'CN=Users,DC=corp,DC=tld;OU=Groups,DC=corp,DC=tld', }, rolemap => { 'admin' => 'Splunk Admins;Domain Admins', @@ -491,15 +491,15 @@ node 'splunk-sh.internal.corp.tld' { - `saml_idptype` (specifies the SAML identity provider type to use, currently only supports `ADFS`) - `saml_idpurl` (specifies the base url for the identity provider, for ADFS IdP's this will be something like https://sso.corp.tld/adfs/ls ) - `ldap_host` - - `ldap_bindDN` - - `ldap_bindDNpassword` - - `ldap_userBaseDN` - - `ldap_groupBaseDN` - - `ldap_SSLEnabled` - - `ldap_userNameAttribute` - - `ldap_groupMemberAttribute` - - `ldap_groupNameAttribute` - - `ldap_realNameAttribute` + - `ldap_binddn` + - `ldap_binddnpassword` + - `ldap_userbasedn` + - `ldap_groupbasedn` + - `ldap_sslenabled` + - `ldap_usernameattribute` + - `ldap_groupmemberattribute` + - `ldap_groupnameattribute` + - `ldap_realnameattribute` #### `rolemap` diff --git a/manifests/server/clustering.pp b/manifests/server/clustering.pp index c1c96f2..e170814 100644 --- a/manifests/server/clustering.pp +++ b/manifests/server/clustering.pp @@ -3,10 +3,16 @@ class splunk::server::clustering ( $splunk_home = $splunk::splunk_home, $splunk_os_user = $splunk::splunk_os_user, - $clustering = $splunk::clustering + $clustering = $splunk::clustering, ){ $splunk_app_name = 'puppet_indexer_cluster' - $pass4SymmKey = $clustering[pass4SymmKey] + # if no pass4symmkey defined under clustering, default to general + # pass4symmkey + if $clustering[pass4symmkey] == undef { + $pass4symmkey = $splunk::pass4symmkey + } else { + $pass4symmkey = $clustering[pass4symmkey] + } case $clustering[mode] { 'master': { $replication_factor = $clustering[replication_factor] diff --git a/templates/puppet_common_auth_ldap_base/local/authentication.conf b/templates/puppet_common_auth_ldap_base/local/authentication.conf index b090a7e..f0b8b91 100644 --- a/templates/puppet_common_auth_ldap_base/local/authentication.conf +++ b/templates/puppet_common_auth_ldap_base/local/authentication.conf @@ -5,18 +5,18 @@ authType = LDAP authSettings = ldap_settings [ldap_settings] -bindDN = <%= auth['ldap_binddn'] %> -bindDNpassword = <%= auth['ldap_binddnpassword'] %> -groupBaseDN = <%= auth['ldap_groupbasedn'] %> -SSLEnabled = <%= auth['ldap_sslenabled'] %> -host = <%= auth['ldap_host'] %> +bindDN = <%= @auth['ldap_binddn'] %> +bindDNpassword = <%= @auth['ldap_binddnpassword'] %> +groupBaseDN = <%= @auth['ldap_groupbasedn'] %> +SSLEnabled = <%= @auth['ldap_sslenabled'] %> +host = <%= @auth['ldap_host'] %> groupBaseFilter = (objectClass=group) groupMemberAttribute = member groupNameAttribute = cn realNameAttribute = cn anonymous_referrals = 0 userBaseFilter = (objectClass=user) -userBaseDN = <%= auth['ldap_userbasedn'] %> +userBaseDN = <%= @auth['ldap_userbasedn'] %> userNameAttribute = sAMAccountName [roleMap_ldap_settings]