Fixed #1272 - ldap group names will be converted to GIDs.

Note that this only looks up ldap groups, at this point; if you want to set an
ldap user's primary group to a local group, you have to specify the GID.

Signed-off-by: Luke Kanies <luke@madstop.com>

2 files changed, 23 insertions, 0 deletions

diff --git a/lib/puppet/provider/group/ldap.rb b/lib/puppet/provider/group/ldap.rb
index a4870fc68..37a7e7343 100644
--- a/lib/puppet/provider/group/ldap.rb
+++ b/lib/puppet/provider/group/ldap.rb
@@ -36,4 +36,13 @@ Puppet::Type.type(:group).provide :ldap, :parent => Puppet::Provider::Ldap do
         largest + 1
     end
 
+    # Convert a group name to an id.
+    def self.name2id(group)
+        return nil unless result = manager.search("cn=%s" % group) and result.length > 0
+
+        # Only use the first result.
+        group = result[0]
+        gid = group[:gid][0]
+        return gid
+    end
 end
diff --git a/lib/puppet/provider/user/ldap.rb b/lib/puppet/provider/user/ldap.rb
index 0d149ac9a..da1edc520 100644
--- a/lib/puppet/provider/user/ldap.rb
+++ b/lib/puppet/provider/user/ldap.rb
@@ -45,6 +45,15 @@ Puppet::Type.type(:user).provide :ldap, :parent => Puppet::Provider::Ldap do
         largest + 1
     end
 
+    # Convert our gid to a group name, if necessary.
+    def gid=(value)
+        unless [Fixnum, Bignum].include?(value.class)
+            value = group2id(value)
+        end
+
+        @property_hash[:gid] = value
+    end
+
     # Find all groups this user is a member of in ldap.
     def groups
         # We want to cache the current result, so we know if we
@@ -101,6 +110,11 @@ Puppet::Type.type(:user).provide :ldap, :parent => Puppet::Provider::Ldap do
         end
     end
 
+    # Convert a gropu name to an id.
+    def group2id(group)
+        Puppet::Type.type(:group).provider(:ldap).name2id(group)
+    end
+
     private
 
     def group_manager