One of our apprentices was looking into how we use use the faswho adapter was going to look at how it's configured in raffle on the app servers. When he wasn't able to we discovered that fi-apprentice isn't allowed to login to the app servers. Discussed with nirik and we think that this is a simple oversight rather than a matter of policy. As this is a minimal change and since alpha has slipped I'm asking for a freeze break request to allow this. Here's the necessary puppet change to enable this: diff --git a/manifests/services/appRhel.pp b/manifests/services/appRhel.pp index b8cecf5..58badbc 100644 --- a/manifests/services/appRhel.pp +++ b/manifests/services/appRhel.pp @@ -1,5 +1,5 @@ class appRhel { - $fas_groups= [ "sysadmin-main", "sysadmin-web", "sysadmin-noc" ] + $fas_groups= [ "sysadmin-main", "sysadmin-web", "sysadmin-noc", "fi-apprentice" ] include global include fas::client include xen-guest Since this applies to appRhel, the nodes that it will affect are: app0[1-68] app0[12].stg bapp02 value0[34] value01.stg -Toshio