Fellow chef’s, I have a question about ldap accounts that ohai pulls down. We are a large shop with thousands of servers and we have a large number of ldap accounts (only a few are currently managed by chef). As per the issue in OHAI-165, I believe it may be affecting performance on our chef server. One solution proffered is to place Ohai::Config[:disabled_plugins] = [ "passwd" ] in the client config to disable this. However, if we do this, won’t the ldap accounts be unavailable in resources? Meaning, If I assign the ownership of a file to an ldap account in a file resource, won’t that cause a failure. This since chef will not know anything about that account.. file “/tmp/myfile” do owner “ldapacct1” group “ldapgroup1” mode "0600" end http://tickets.opscode.com/browse/OHAI-165 Anyone have any guidance on this issue? I would like to keep all the ldap info out of ohai, but still be able to use ldap accounts in a resource. Thanks Randy |
Archive powered by MHonArc 2.6.16.