brocadevtm::user_authenticators do not get added/updated

[john275]

When using running a manifest other objects get updated or added but user_authenticators do not get get updated or added, using something similar to the below :/

brocadevtm::user_authenticators { 'xxxxx':
ensure => present,
basic__enabled => true,
basic__type => 'ldap',
ldap__base_dn => 'ou=c,DC=d,DC=e,DC=f',
ldap__bind_dn => 'CN=%u,OU=a,OU=b,ou=c,DC=d,DC=e,DC=f',
ldap__dn_method => 'construct',
ldap__filter => 'someobject=%u',
ldap__group_attribute => 'someattribute',
ldap__group_field => 'cn',
ldap__server => $ldap_vip,
}

Foreman reports all these objects checked, but user_authenticators seem to be missing:

monitors/xxx OK
license_keys/828999 OK
actions/xxx OK
traffic_ip_groups/xxx OK
monitors/xxx OK
global_settings OK
locations/Location2 OK
actions/xxx OK
event_types/xxx OK
traffic_managers/xxx OK
monitors/xxx OK
event_types/xxx OK
event_types/xxx OK
monitors/xxx OK
traffic_ip_groups/xxx OK
traffic_managers/xxx OK
event_types/xxx OK
dns_server/zone_files/xxx.zone OK
dns_server/zones/xxx OK
event_types/xxx OK
locations/Location1 OK
glb_services/xxx OK
glb_services/xxx OK
virtual_servers/xxx OK

[TuxInvader]

Hi Jon,

Applying a manifest which includes user_authenticators works for me. What version of the module and VTM are you using?

Cheers

[tenajsystems]

@TuxInvader I am also having the same issue and I am using version 1.500.0 of the module and the version of the VTM that I am using is 17.3

[TuxInvader]

Are you also seeing this error through foreman?
If you run "puppet apply --noop" does it also ignore your User Authenticator definitions?

[tenajsystems]

Below is what I am getting when I use "puppet apply --noop"

/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/environments.rb:38:in get!': Could not find a directory environment named 'development' anywhere in the path: /etc/puppetlabs/code/environments. Does the directory exist? (Puppet::Environments::EnvironmentNotFound) from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application_support.rb:29:in push_application_context'
from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:346:in run' from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:132:in run'
from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:72:in execute' from /opt/puppetlabs/bin/puppet:5:in

'

[TuxInvader]

That looks like puppet simply can't find the 'development' environment. Does it end there? Did you provide the command with your manifest? The command should have been puppet apply --noop <manifest>

Eg puppet apply --noop site.pp or puppet apply --noop vtm-config.pp

What OS and version of puppet are you running? I'll set up a VM and try to reproduce it.

[tenajsystems]

It ends with `

' after the "5:in"

I just tried providing it with my manifest and I still get the same message as above.

I am running Ubuntu 16.04.3 LTS and puppet version 4.10.5 on the clients and version 4.10.6 (on master)

Once thing I noticed too was, when I manually configure the LDAP on the VTM and run the genManifest tool, It generates a class for the user_authenticators_. Once that class is generated by the tool, I delete the ldap settings from brocade and then extend the generated class into my manifest and then run "puppet agent -t" and that works with no issues. Not sure why that works

[tenajsystems]

@john275, Below worked for the user_authenticators.

  brocadevtm::user_authenticators { 'Test':
    ensure                      => present,
    basic__description          => 'Test Authenticators',
    basic__enabled              => true,
    basic__type                 => 'ldap',
    ldap__base_dn               => 'ou=test,dc=example,dc=test,dc=com',
    ldap__bind_dn               => '%[email protected]',
    ldap__dn_method             => 'construct',
    ldap__fallback_group        => undef,
    ldap__filter                => 'cn=%u',
    ldap__group_attribute       => 'memberOf',
    ldap__group_field           => 'CN',
    ldap__group_filter          => undef,
    ldap__port                  => 389,
    ldap__search_dn             => undef,
    ldap__search_password       => undef,
    ldap__server                => 'example.test.com',
    ldap__timeout               => 30,
    radius__fallback_group      => undef,
    radius__group_attribute     => 1,
    radius__group_vendor        => 7146,
    radius__nas_identifier      => undef,
    radius__nas_ip_address      => undef,
    radius__port                => 1812,
    radius__secret              => undef,
    radius__server              => undef,
    radius__timeout             => 30,
    tacacs_plus__auth_type      => 'pap',
    tacacs_plus__fallback_group => undef,
    tacacs_plus__group_field    => 'permission-group',
    tacacs_plus__group_service  => 'zeus',
    tacacs_plus__port           => 49,
    tacacs_plus__secret         => undef,
    tacacs_plus__server         => undef,
    tacacs_plus__timeout        => 30,
  }
}    

[TuxInvader]

@tenajsystems If you run genManifest on a vTM that has configuration, then those objects get included as "Built-in" configuration and a class is generated for each one.

As you're running puppet 4, then it could be an issue with changes to the escape sequences made in 4.x. Assuming that you have '\' sequences in your LDAP config? I've published 2.x versions on the forge to work better with 4.x and higher. See: #9

Alternatively you can clone this repo and drop it in your modules folder. I've just made it easier to debug as all manifests now inherit the debug level from the top brocadevtm class. So it'll print what it's sending and hopefully give more information when errors occur. Just set debug on your brocadevtm class, eg:

class { 'brocadevtm':
   debug => 5,
   ...
}

[tenajsystems]

@TuxInvader thanks.