0
votes

I need to create a user account in Linux (RedHat) with a password (for an IBM MQ VM box) using Puppet.

I need to use the userid/password to connect to the MQ server from a different server (Node.JS) via amqps://userid:password@server:port. This is all automated with Puppet as well.

Below is the process I followed.

1. Logged into a test machine. Created user id / password.
2. Picked up the hash from /etc/shadow
3. Used that in puppet code in password field passed to code (in single quotes).

Code used is below.

  $api_group = 'nonprivmq'
  $api_userid = 'mquser'
  $api_password = 'passwordhashpickedupfrometcshadow' # used single quotes

  # setup group and user for publish / subscribe messages
  group { $api_group:
    ensure => 'present',
    gid    => '550',
  }

  # setup user
  user { $api_userid:
    ensure     => 'present',
    uid        => '550',
    gid        => '550',
    home       => "/home/${api_userid}",
    name       => $api_userid,
    password   => $api_password,
    managehome => true,
    shell      => '/bin/bash',
    require    => Group[$api_group],
    before     => Exec['EnableAuth'],
  }

It is not working consistently on different machines. It works on one VM and doesn't work on another VM.

I read the link below and tried the options listed: "managing a user password for linux in puppet".

Options tried:

1. Use the function shown in https://gist.github.com/pschyska/26002d5f8ee0da2a9ea0
2. Use the openssl command to generate a password hash and use it in Puppet: # openssl passwd -1

Both options didn't work.

When I manually log in to the MQ server and change the password, everything works fine. So it is proven that the password created is not what I intended to create.

Appreciate any assistance.

1 Answer

0
votes
  1. uid 550 is already taken on target system
  2. gid 550 is already taken on target system
  3. target system uses a different password hashing algorithm (thus your hash is not accepted)

These are my three ideas about what could go wrong.
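
The three causes listed in this answer can be checked on each VM before Puppet applies the `user` resource. The script below is an added example, not part of the original question or answer; the function names are hypothetical, the sample hash is constructed, and it assumes `getent` and `/etc/login.defs` exist on the node.

```shell
#!/bin/sh
# Added diagnostic example: run on a VM where the login works and on one where it fails.

# Map a crypt(3) hash to its scheme from the $id$ prefix.
# Note: `openssl passwd -1` emits $1$ (MD5-crypt).
hash_scheme() {
    case "$1" in
        '$1$'*)                  echo MD5 ;;
        '$2a$'*|'$2b$'*|'$2y$'*) echo BCRYPT ;;
        '$5$'*)                  echo SHA256 ;;
        '$6$'*)                  echo SHA512 ;;
        '$y$'*)                  echo YESCRYPT ;;
        ''|'!'*|'*'*)            echo LOCKED_OR_EMPTY ;;
        *)                       echo DES_OR_UNKNOWN ;;
    esac
}

# Read the node's ENCRYPT_METHOD from a login.defs-style file (last active entry wins).
default_scheme() {
    f="${1:-/etc/login.defs}"
    [ -r "$f" ] || { echo UNSET; return 0; }
    awk '$1 == "ENCRYPT_METHOD" { m = toupper($2) }
         END { print (m == "" ? "UNSET" : m) }' "$f"
}

# Name that currently owns a numeric id, or "free". $1 = passwd|group, $2 = id.
id_owner() {
    entry=$(getent "$1" "$2" 2>/dev/null) || { echo free; return 0; }
    echo "${entry%%:*}"
}

# True when the hash's scheme equals the node default. $1 = hash, $2 = login.defs path.
scheme_matches() {
    [ "$(hash_scheme "$1")" = "$(default_scheme "$2")" ]
}

# Print all three checks. $1 = hash, $2 = user, $3 = group, $4 = uid/gid.
report() {
    echo "uid $4 owner: $(id_owner passwd "$4") (expected $2 or free)"
    echo "gid $4 owner: $(id_owner group "$4") (expected $3 or free)"
    echo "hash scheme: $(hash_scheme "$1"); node default: $(default_scheme)"
}

# Constructed placeholder hash; substitute the value passed to Puppet.
report '$6$constructedsalt$constructedhash' mquser nonprivmq 550
```

Differences in the output between a working VM and a failing one point to which of the three causes applies.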