Project

General

Profile

Tâche #30726

Scénario #30575: Intégrer la jonction des postes GNU/Linux à un Active Directory

Ajouter le support de la jonction d’un poste GNU/Linux à un domaine Active Directory

Added by Daniel Dehennin over 2 years ago. Updated over 2 years ago.

Status:
Fermé
Priority:
Normal
Assigned To:
Daniel Dehennin
Target version:
sprint 2020 40-42 Equipe MENSR
Start date:
09/25/2020
Due date:
% Done:

90%

Remaining (hours):
0.0

Description

  1. La jonction d’un poste au domaine Active Directory, quelque soit le système d’exploitation et les rôles associés, doit se faire avec la commande salt '*' state.apply eole-workstation.ad.member
    • Chaque système d’exploitation est réparti dans un sous répertoire eole-workstation.ad.member.linux et eole-workstation.ad.member.windows pour l’instant.
  2. La jonction d’un poste au domaine Active Directory s’il dispose du rôle ad/member doit se faire avec la commande salt '*' state.apply eole-workstation.ad.join
  3. La sortie d’un poste du domaine Active Directory, quelque soit le système d’exploitation et les rôles associés, doit se faire avec la commande salt '*' state.apply eole-workstation.ad.leave
    1. Supprime le rôle ad/member si la sortie est réussie
    2. Redirection vers eole-workstation.ad.member.clean
  4. L’application de la formula par la commande salt '*' state.apply eole-workstation ne doit intégrer le poste que si le rôle ad/member est actif

Associated revisions

Revision 035944fc (diff)
Added by Daniel Dehennin over 2 years ago

Target minions with grains in addition to all Windows machines

As a transition, we continue to join and install Veyon to all Windows
machines but now we add support for grains target.

Ref: #30726
Ref: #30727

Revision 44ede00e (diff)
Added by Daniel Dehennin over 2 years ago

Target minions with grains in addition to all Windows machines

As a transition, we continue to join and install Veyon to all Windows
machines but now we add support for grains target.

Ref: #30726
Ref: #30727

(cherry picked for EOLE 2.7.1 from commit 035944fc0d8f32f161fed51c9beee04b37287f3e)

Revision 685dcecc (diff)
Added by Daniel Dehennin over 2 years ago

EOLE 2.7: join GNU/Linux computers to AD

We extend the “eole-workstation.ad.join” to GNU/Linux machines using
“realmd”.

This formula make sure to add the “ad/member” role to the “roles”
grains because starting on 2.8 it will be used to conditionally join
the computer.

Leaving the domain for Windows computer will remove the grains.

Ref: #30726

Revision 87d12714 (diff)
Added by Daniel Dehennin over 2 years ago

Update changelog and VERSION for 2.4.1

Ref: #30726
Ref: #30727
Ref: #30753

Revision 6119c3b5 (diff)
Added by Daniel Dehennin over 2 years ago

AD/Linux: declare domain controller hostname

Ref: #30726
Ref: #30753

Revision f9ef70b5 (diff)
Added by Daniel Dehennin over 2 years ago

Switch to “ad-formula” and “pam-mount-formula”

To use the “ad-formula” and “pam-mount-formula” we need to generate
dedicated pillars.

Ref: #30726
Ref: #30753

Revision 08b176b5 (diff)
Added by Daniel Dehennin over 2 years ago

SSSD: don't requires principal FQDN at login

It should be mandatory on multi-realm but we don't use that
configuration for now.

Let's simplify user life.

Ref: #30726
Ref: #30753

Revision 7a0e3da7 (diff)
Added by Daniel Dehennin over 2 years ago

Add grains on join

Ref: #30726
Ref: #30753

Revision 42f31891 (diff)
Added by Daniel Dehennin over 2 years ago

AD: use “ad-formula” and “pam-mount-formula”

We transfert the AD join and GNU/Linux mounting of directories to
their dedicated formulas

Ref: #30726
Ref: #30753

Revision fd48bd16 (diff)
Added by Daniel Dehennin over 2 years ago

Update changelog and VERSION for 2.7.0

Ref: #30726
Ref: #30727

Revision db82ecbf (diff)
Added by Daniel Dehennin over 2 years ago

We depends now on “eole-ad-formula” and “eole-pam-mount-formula”

Ref: #30726
Ref: #30753

Revision e60571fc (diff)
Added by Daniel Dehennin over 2 years ago

We now depend on “eole-ad-formula” and “eole-pam-mount-formula”

Ref: #30726
Ref: #30753

Revision e1a3cde5 (diff)
Added by Daniel Dehennin over 2 years ago

We now depend on “eole-ad-formula” and “eole-pam-mount-formula”

Ref: #30726
Ref: #30753

Cherry picked for EOLE 2.8.1 from commit e60571fc72a3a2d68afd2b141a81ddd02375c86f

Revision 041c84d7 (diff)
Added by Daniel Dehennin over 2 years ago

The EOLE “is_defined” don't play well with CreoleLint

CreoleLint does not manage correctly the use of
“%%is_defined("<VAR>")” without using the “<VAR>” in the “%if” block.

  • tmpl/ad.sls: replace the “%%is_defined” by “%%getVar(<VAR>, False)”
  • tmpl/eole-workstation.sls: ditoo.
  • tmpl/pam-mount.sls: ditoo.

Ref: #30726
Ref: #30753

History

#1 Updated by Scrum Master over 2 years ago

  • Status changed from Nouveau to En cours

#2 Updated by Scrum Master over 2 years ago

  • Description updated (diff)
  • Assigned To set to Daniel Dehennin

#3 Updated by Daniel Dehennin over 2 years ago

  • % Done changed from 0 to 90

Fait pour 2.7.1 et 2.7.2 le portage 2.8 sera fait avec un éclatement de la formula en plusieurs partie afin de mieux gérer les différents composants.

#4 Updated by Daniel Dehennin over 2 years ago

  • Status changed from En cours to Résolu

#5 Updated by Laurent Flori over 2 years ago

  • Status changed from Résolu to Fermé
  • Remaining (hours) set to 0.0

Also available in: Atom PDF