was there ever a blog post about Puppet 6 going end of life? I'm writing the Foreman 3.7 release notes and would like to link to some official docs

ewoud: https://www.puppet.com/products/puppet-enterprise/support-lifecycle at the bottom

not what I was hoping for

I was hoping for some document that said "it's now EOL, here are docs on how to upgrade"

lol

high expectations!

I'm not sure if such a post exists to be honest

I said hope, not expect!

:D

I think this is closest, the pre-EOL announcement: https://groups.google.com/g/puppet-announce/c/mbccWrN0tX8. Again, probably not as detailed as you were hoping for.

Or the actual EOL announcement: https://groups.google.com/g/puppet-announce/c/x4KNOrHevgE

well, that's better than nothing

thanks!

@Alex Fisher what are you using the ldap query function for? getting ldap users and adding them as local users?

that's what I do

that way local auth doesn't rely on ldap service

not a fan of sssd? :D

indeed :)

btw, does that also work for accounts that have never logged in yet?

so, prepopulating the cache

my biggest issue with ldap accounts is that when your network is down you can't log into servers to fix things, though I must admit I ran that before sssd was even a thing

yeah so no the price I have to pay is "password changes take upto 30 mins to propagate"

*now

which for now, is worth it

removing real time complexity from the process too

I'd rather spend a day debugging puppet talking to ldap (which is not very robust, I must admit) than debugging pam/ldap when it's not working

We are using SSSD and want also to use ldapquery for the case to create local accounts from ldap because we kind of have systems that do no support SSSD. Since we also need somehow a way to remove the manuell hiera structure for the accounts that are also in the ldap already....

storing ssh keys in ldap <3

who uses passwords anyways

ewoud: for sssd you can configure a cache ttl so it will work some time when network is down