Resource Type: sensu_ad_auth
Summary
Manages Sensu AD auth.Overview
Autorequires:
Examples:
Add a AD auth
sensu_ldap_auth { 'ad':
ensure => 'present',
servers => [
{
'host' => '127.0.0.1',
'port' => 389,
'binding' => {
'user_dn' => 'cn=binder,dc=acme,dc=org',
'password' => 'P@ssw0rd!'
},
'group_search' => {
'base_dn' => 'dc=acme,dc=org',
},
'user_search' => {
'base_dn' => 'dc=acme,dc=org',
},
},
],
}Add an AD auth that uses memberOf attribute by omitting group_search
sensu_ldap_auth { 'ad':
ensure => 'present',
servers => [
{
'host' => '127.0.0.1',
'port' => 389,
'binding' => {
'user_dn' => 'cn=binder,dc=acme,dc=org',
'password' => 'P@ssw0rd!'
},
'user_search' => {
'base_dn' => 'dc=acme,dc=org',
},
},
],
}Properties
-
ensure
(defaults to: present)
The basic property that the resource should be in.
Supported values:- present
- absent
-
groups_prefix
The prefix added to all LDAP groups.
-
servers
AD servers as Array of Hashes
Keys:
-
host: required
-
port: required
-
group_search: optional (omit to use memberOf)
-
user_search: required
-
binding: optional Hash
-
insecure: default is ‘false`
-
security: default is ‘tls`
-
trusted_ca_file: default is ‘“”`
-
client_cert_file: default is ‘“”`
-
client_key_file: default is ‘“”`
-
default_upn_domain: default is ‘“”`
-
include_nested_groups: Boolean
group_search keys:
-
base_dn: required
-
attribute: default is ‘member`
-
name_attribute: default is ‘cn`
-
object_class: default is ‘group`
user_search Keys:
-
base_dn: required
-
attribute: default is ‘sAMAccountName`
-
name_attribute: default is ‘displayName`
-
object_class: default is ‘person`
binding keys:
-
user_dn: required
-
password: required
-
-
username_prefix
The prefix added to all LDAP usernames.
Parameters
-
name (namevar)
The name of the AD auth.
-
provider
The specific backend to use for this ‘sensu_ad_auth` resource. You will seldom need to specify this — Puppet will usually discover the appropriate provider for your platform.