[chef] Re: Re: Re: Creating authorized_keys for LDAP users.

[David Petzel < >]

I don't believe so, if you are on the node itself, you'd have access to attributes even before the node has been saved. The situation you describe would apply to other nodes looking at this nodes data.

This really sounds like an Ohai race condition. In your case the second run now has LDAP enabled properly so Ohai is able to detect the users. Does your LDAP recipe restart any services? Are those services restarted delayed or immediate?  If you have any delayed restarts in that recipe immediate might help here. Without knowing what the recipe its a little hard, but maybe add a notification on your last resource in your ldap recipe to call the ohai reload similar to the second example in https://docs.chef.io/resource_ohai.html#examples.

What I am seeing, (I'm using vagrant), is that on the first chef run, the LDAP users are not in in the node structure. However, if I reprovision, (without making any changes), then the users ARE there.

In hindsight, isn't this just the typical node[] not being populated until after the chef run issue?