diff --git a/.gitignore b/.gitignore
index 5fff1d9..0a37077 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,21 @@
-pkg
+pkg/
+Gemfile.lock
+Gemfile.local
+vendor/
+.vendor/
+spec/fixtures/manifests/
+spec/fixtures/modules/
+.vagrant/
+.bundle/
+.ruby-version
+coverage/
+log/
+.idea/
+.dependencies/
+.librarian/
+Puppetfile.lock
+*.iml
+.*.sw?
+.yardoc/
+Guardfile
+
diff --git a/.project b/.project
new file mode 100644
index 0000000..91888a0
--- /dev/null
+++ b/.project
@@ -0,0 +1,25 @@ + + + puppet-voms + + + external-mysql + external-stdlib + + + + com.puppetlabs.geppetto.pp.dsl.ui.modulefileBuilder + + + + + org.eclipse.xtext.ui.shared.xtextBuilder + + + + + + com.puppetlabs.geppetto.pp.dsl.ui.puppetNature + org.eclipse.xtext.ui.shared.xtextNature + +
diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 0000000..8192a37
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,17 @@
+sudo: false
+dist: trusty
+language: ruby
+cache: bundler
+before_install:
+- bundle -v
+- rm Gemfile.lock || true
+- gem update --system
+- gem update bundler
+- gem --version
+- bundle -v
+script:
+- bundle exec rake $CHECK
+matrix:
+- rvm: 2.4.2
+ bundler_args: --without system_tests development release
+ env: PUPPET_VERSION="~> 5.0" CHECK=build DEPLOY_TO_FORGE=yes
diff --git a/CHANGELOG b/CHANGELOG
index 4140a23..08ff5b6 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,3 +1,14 @@ +2018-09-03 Andrea Manzi + * update voms servers for dteam +2016-07-08 Andrea Manzi + * update LSST, DZERO and CDF vo params +2016-06-29 Andrea Manzi + * updated CA DN for dteam +2016-01-18 Frederic Schaer + * Puppet 4 support +2015-12-11 Andrea Manzi + * Added travis files +2015-03-30 Andrea Manzi + * Renaming voms-clients package to voms-clients-cpp 2011-04-01 Ricardo Rocha - * First Release
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..666c75d
--- /dev/null
+++ b/Gemfile
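Review bot: In `.travis.yml`, `before_install` deletes `Gemfile.lock` and then runs `gem update --system` and `gem update bundler`, so the only matrix job, the one flagged `DEPLOY_TO_FORGE=yes`, resolves every gem and the RubyGems/Bundler toolchain to whatever is newest at build time. Together with the `Gemfile.lock` entry this commit adds to `.gitignore`, no build is reproducible, and a broken or compromised upstream release would flow directly into the built package. I would drop `- rm Gemfile.lock || true`, keep a committed lockfile for the release job, and pin the tool update, e.g. `- gem install bundler -v <PINNED_VERSION>`.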
@@ -0,0 +1,77 @@
+source ENV['GEM_SOURCE'] || "https://rubygems.org"
+
+def location_for(place, fake_version = nil)
+ if place =~ /^(git[:@][^#]*)#(.*)/
+ [fake_version, { :git => $1, :branch => $2, :require => false }].compact
+ elsif place =~ /^file:\/\/(.*)/
+ ['>= 0', { :path => File.expand_path($1), :require => false }]
+ else
+ [place, { :require => false }]
+ end
+end
+
+group :test do
+ gem 'puppetlabs_spec_helper', '~> 2.5.0', :require => false
+ gem 'rspec-puppet', '~> 2.5', :require => false
+ gem 'rspec-puppet-facts', :require => false
+ gem 'rspec-puppet-utils', :require => false
+ gem 'puppet-lint-leading_zero-check', :require => false
+ gem 'puppet-lint-trailing_comma-check', :require => false
+ gem 'puppet-lint-version_comparison-check', :require => false
+ gem 'puppet-lint-classes_and_types_beginning_with_digits-check', :require => false
+ gem 'puppet-lint-unquoted_string-check', :require => false
+ gem 'puppet-lint-variable_contains_upcase', :require => false
+ gem 'metadata-json-lint', :require => false
+ gem 'redcarpet', :require => false
+ gem 'rubocop', '~> 0.49.1', :require => false if RUBY_VERSION >= '2.3.0'
+ gem 'rubocop-rspec', '~> 1.15.0', :require => false if RUBY_VERSION >= '2.3.0'
+ gem 'mocha', '>= 1.2.1', :require => false
+ gem 'coveralls', :require => false
+ gem 'simplecov-console', :require => false
+ gem 'rack', '~> 1.0', :require => false if RUBY_VERSION < '2.2.2'
+ gem 'parallel_tests', :require => false
+end
+
+group :development do
+ gem 'travis', :require => false
+ gem 'travis-lint', :require => false
+ gem 'guard-rake', :require => false
+ gem 'overcommit', '>= 0.39.1', :require => false
+end
+
+group :system_tests do
+ gem 'winrm', :require => false
+ if beaker_version = ENV['BEAKER_VERSION']
+ gem 'beaker', *location_for(beaker_version)
+ else
+ gem 'beaker', '>= 3.9.0', :require => false
+ end
+ if beaker_rspec_version = ENV['BEAKER_RSPEC_VERSION']
+ gem 'beaker-rspec', *location_for(beaker_rspec_version)
+ else
+ gem 'beaker-rspec', :require => false
+ end
+ gem 'serverspec', :require => false
+ gem 'beaker-puppet_install_helper', :require => false
+ gem 'beaker-module_install_helper', :require => false
+end
+
+group :release do
+ gem 'github_changelog_generator', :require => false if RUBY_VERSION >= '2.2.2'
+ gem 'puppet-blacksmith', :require => false
+ gem 'voxpupuli-release', :require => false, :git => 'https://github.com/voxpupuli/voxpupuli-release-gem'
+ gem 'puppet-strings', '~> 1.0', :require => false
+end
+
+
+
+if facterversion = ENV['FACTER_GEM_VERSION']
+ gem 'facter', facterversion.to_s, :require => false, :groups => [:test]
+else
+ gem 'facter', :require => false, :groups => [:test]
+end
+
+ENV['PUPPET_VERSION'].nil? ? puppetversion = '~> 5.0' : puppetversion = ENV['PUPPET_VERSION'].to_s
+gem 'puppet', puppetversion, :require => false, :groups => [:test]
+
+# vim: syntax=ruby
diff --git a/Modulefile b/Modulefile
deleted file mode 100644
index 429dfbf..0000000
--- a/Modulefile
+++ /dev/null
@@ -1,9 +0,0 @@
-name 'rocha-voms'
-version '0.1.0'
-source 'git://github.com/rochaporto/puppet-voms.git'
-author 'rocha'
-license 'Apache License, Version 2.0 (the "License")'
-summary 'Resources for managing a gLite Virtual Organization Membership Service (VOMS) client and server installation'
-description 'This modules provides classes and definitions required to manage and properly configure a gLite service or client supporting authorization using the gLite Virtual Organization Membership Service (VOMS).'
-project_page 'http://glite.org'
-dependency 'puppetlabs/stdlib'
diff --git a/README b/README
new file mode 100644
index 0000000..0927501
--- /dev/null
+++ b/README
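Review bot: In the `Gemfile`'s `:release` group, `gem 'voxpupuli-release', :require => false, :git => 'https://github.com/voxpupuli/voxpupuli-release-gem'` follows the default branch of an external repository with no `:ref` or `:tag`, and that code is loaded by the rake tasks used to publish the module. Pin it to a reviewed commit by adding `:ref => '<COMMIT_SHA>'`, or depend on the released gem with a version constraint. The file also takes its gem source from `ENV['GEM_SOURCE']` and, through `location_for`, git URLs and local paths from `BEAKER_VERSION` and `BEAKER_RSPEC_VERSION`; a comment stating that these variables are trusted build inputs would help, and the two patterns in `location_for` should anchor with `\A` rather than `^`.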
@@ -0,0 +1,40 @@
+This module manages VOMS resources for VOMS clients.
+
+VOMS is the Virtual Organization Membership Service, in use by gLite, EMI, and
+other grid computing projects.
+
+== Examples
+
+ voms::server {
+ "voms_MyVO_cern":
+ vo => "MyVO",
+ server => "voms.cern.ch",
+ port => 15001,
+ dn => ["/DC=ch/DC=cern/OU=computers/CN=voms.cern.ch"],
+ ca_dn => ["/DC=ch/DC=cern/CN=CERN Trusted Certification Authority"];
+ }
+
+ The above declaration will create the files:
+
+ /etc/vomses/MyVO/voms.cern.ch
+ and
+ /etc/grid-security/vomsdir/MyVO/voms.cern.ch.lsc
+
+
+ For some VOs, you can probably find a predefined class you can enable which
+ does all the required setup without any additional configuration e.g:
+
+ class{'voms::atlas':}
+ or
+ class{'voms::dteam':}
+
+ Additions of new VOs will be accepted.
+
+== Authors
+
+ CERN IT/GT/DMS
+ CERN IT/PS/PES
+
+
+
+
diff --git a/README.md b/README.md
index 1796e47..146e937 100644
--- a/README.md
+++ b/README.md
@@ -1,33 +1,35 @@ ## cernops-voms puppet module -This module manages VOMS resources for VOMS clients, VOMS core and VOMS Admin. +[![Puppet Forge](http://img.shields.io/puppetforge/v/lcgdm/voms.svg)](https://forge.puppetlabs.com/lcgdm/voms) +[![Build Status](https://travis-ci.org/hep-puppet/puppet-voms.svg?branch=master)](https://travis-ci.org/hep-puppet/puppet-voms) + +This module manages VOMS resources for VOMS clients VOMS is the Virtual Organization Membership Service, in use by gLite, EMI, and other grid computing projects. ## Examples ### Client Examples -Create files for the voms-proxy-init and voms-proxy-validate. voms::client{'MyVO': vo => 'MyVO', - servers => [{server => 'voms.cern.ch', + servers => [{server => 'voms2.cern.ch', port => '15009', - dn => '/DC=ch/DC=cern/OU=computers/CN=voms.cern.ch', - ca_dn => '/DC=ch/DC=cern/CN=CERN Trusted Certification Authority' + dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch', + ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority' }, - {server => 'lcg-voms.cern.ch', + {server => 'lcg-voms2.cern.ch', port => '15009', - dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms.cern.ch', - ca_dn => '/DC=ch/DC=cern/CN=CERN Trusted Certification Authority' + dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch', + ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority' }] The above declaration will create the files: - /etc/vomses/MyVO/voms.cern.ch + /etc/vomses/MyVO-voms.cern.ch and - /etc/grid-security/vomsdir/MyVO/voms.cern.ch.lsc + /etc/grid-security/vomsdir/MyVO/voms2.cern.ch.lsc For some VOs, you can probably find a predefined class to enable a 
@@ -40,85 +42,3 @@ Create files for the voms-proxy-init and voms-proxy-validate. Additions of new VOs will be accepted, please submit pull requests however zero validation of parameters will be made. -### A VOMS Core Example -VOMS core is the main voms service and responds to voms-proxy-init requests. -To configure a VOMS core services for two VOs. - - # Configure defaults. - Voms::Core{ - issuer => 'voms.example.org', - sqlpwd => 12345, - sqlhost => 'mysql.example.org' - } - # Configure VOs. - voms::core{'special.vo': port => 10000} - voms::core{'very.special.vo': port => 10001} - -For full list of available parameters see voms::core definition. - -### A VOMS Admin Example -VOMS admin is the tomcat hosted webservice for managing a Virtual Organisation. -To configure a few VOMS admin for a number of VOs. - - # Configure defaults. - Voms::Admin{ - sqlpwd => 12345, - sqlhost => 'mysql.example.org' - } - voms::admin{'special.vo': - port => 10000, - mailfrom => 'whoever@example.org' - } - voms::admin{'very.special.vo': - port => 10001, - mailfrom => 'specialman@example.org', - config_hash => {'voms.cafiles.period' => 2000, - 'voms.notification.smtp-server' => '127.0.0.1' - } - } - -For full list of available paramters see voms::admin definition. - -The voms::admin definition will not update or load database schemas -however scripts are generated within /etc/voms-admin-puppet to -allow this to be done. e.g: - - /etc/voms-admin-puppet/voms-admin-create-very.special.vo.sh - -will create a schema for the 'very.special.vo' - -## Database Configuration -VOMS admin and voms core require a database per VO. At this time this -puppet module only supports mysql. A mysql server can be -configured using puppetlabs-mysql module. -The Mysql users and access grants are exported as puppet resources from the -above voms::admin and voms::core declarations. 
Assuming default database -names of _db for each VO the following manifest will install -and configure mysql with all grant tables suitable for VOMS and VOMS-Admin -services to connect to. - - class{'mysql::server': } - class{'voms::mysql': - vo_dbs => ['special.vo_db','very.special.vo_db'] - } - -This assumes your puppet service is configured to support -export resources. - - -### Todo -Configure tomcat and trustmanager outside this VOMS -module so other services can use it. - -Use the existing EMI yum repo puppet module rather than manage myself. - -Add some validation of items that are passed to voms admin with config hash, -currently they will be blindly added to the voms.service.properties files. - -## Authors - CERN IT/GT/DMS , Ricardo Rocha - CERN IT/PS/PES , Steve Traylen - Bugs, Comments, Pull requests - https://github.com/cernops/puppet-voms - - - diff --git a/Rakefile b/Rakefile new file mode 100644 index 0000000..041d233 --- /dev/null +++ b/Rakefile 
@@ -0,0 +1,66 @@
+require 'puppetlabs_spec_helper/rake_tasks'
+
+# load optional tasks for releases
+# only available if gem group releases is installed
+begin
+ require 'puppet_blacksmith/rake_tasks'
+ require 'voxpupuli/release/rake_tasks'
+ require 'puppet-strings/tasks'
+rescue LoadError
+end
+
+PuppetLint.configuration.log_format = '%{path}:%{line}:%{check}:%{KIND}:%{message}'
+PuppetLint.configuration.fail_on_warnings = true
+PuppetLint.configuration.send('relative')
+PuppetLint.configuration.send('disable_140chars')
+PuppetLint.configuration.send('disable_class_inherits_from_params_class')
+PuppetLint.configuration.send('disable_documentation')
+PuppetLint.configuration.send('disable_single_quote_string_with_variables')
+
+exclude_paths = %w(
+ pkg/**/*
+ vendor/**/*
+ .vendor/**/*
+ spec/**/*
+)
+PuppetLint.configuration.ignore_paths = exclude_paths
+PuppetSyntax.exclude_paths = exclude_paths
+
+desc 'Run acceptance tests'
+RSpec::Core::RakeTask.new(:acceptance) do |t|
+ t.pattern = 'spec/acceptance'
+end
+
+desc 'Run tests metadata_lint, release_checks'
+task test: [
+ :metadata_lint,
+ :release_checks,
+]
+
+desc "Run main 'test' task and report merged results to coveralls"
+task test_with_coveralls: [:test] do
+ if Dir.exist?(File.expand_path('../lib', __FILE__))
+ require 'coveralls/rake/task'
+ Coveralls::RakeTask.new
+ Rake::Task['coveralls:push'].invoke
+ else
+ puts 'Skipping reporting to coveralls. Module has no lib dir'
+ end
+end
+
+begin
+ require 'github_changelog_generator/task'
+ GitHubChangelogGenerator::RakeTask.new :changelog do |config|
+ version = (Blacksmith::Modulefile.new).version
+ config.future_release = "v#{version}" if version =~ /^\d+\.\d+.\d+$/
+ config.header = "# Changelog\n\nAll notable changes to this project will be documented in this file.\nEach new release typically also includes the latest modulesync defaults.\nThese should not affect the functionality of the module."
+ config.exclude_labels = %w{duplicate question invalid wontfix wont-fix modulesync skip-changelog}
+ config.user = 'voxpupuli'
+ metadata_json = File.join(File.dirname(__FILE__), 'metadata.json')
+ metadata = JSON.load(File.read(metadata_json))
+ config.project = metadata['name']
+ end
+rescue LoadError
+end
+# vim: syntax=ruby
+
diff --git a/manifests/admin.pp b/manifests/admin.pp
index 658361b..98b3903 100644
--- a/manifests/admin.pp
+++ b/manifests/admin.pp
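Review bot: In the `Rakefile` changelog task, `metadata = JSON.load(File.read(metadata_json))` uses `JSON.load`, which the json library documents as meant for trusted input only; for a plain data file `JSON.parse(File.read(metadata_json))` is the narrower call. Nothing visible in the file requires `json`, so the call presumably relies on another gem having loaded it, and an explicit `require 'json'` would remove that assumption. The version check `/^\d+\.\d+.\d+$/` leaves the second dot unescaped and uses line anchors; `/\A\d+\.\d+\.\d+\z/` matches only a complete three-part version. `config.user = 'voxpupuli'` also looks carried over from the template, since the README badges in this commit point at `hep-puppet`.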
@@ -1,154 +1,165 @@
-# == Define: voms::admin
-#
-# Creates a voms core instance for a VO or virtual organisation.
-#
-# === Parameters
-#
-# [*vo*]
-# The name of virtual orgnisation. If not defined the namevar of the voms::admin intance will be used.
-#
-# [*sqlhost*]
-# The name of the database host, defaults to localhost.
-#
-# [*sqldbname*]
-# The name of the database, defaults _db
-#
-# [*sqlusername*]
-# The name of the sql user. Defaults to _admin
-#
-# [*sqlport*]
-# Defaults to mysql default 3306
-#
-# [*sqlpwd*]
-# The sqlpassword.
-#
-# [*port*]
-# Must be defined as the port the voms core service should listen.
-# This must be unique per VO however please note this uniqueness
-# is not checked by puppet.
-#
-# [*mailfrom*]
-# The mailaddress from where voms-admin notification should be sent.
-#
-# [*mailsmtp*]
-# The smtp server to use, default localhost.
-#
-# [*config_hash*]
-# A hash of key value pairs that end up in the voms-admin properties
-# file for the service in
-# /etc/voms-admin//voms.service.properties.
-#
-# === Examples
-#
-# voms::admin{'atlas':
-# port => '2000',
-# mailfrom => 'me@example.org',
-# sqlpwd => '12345',
-# sqlhost => 'example.mysql.example.org',
-# config_hash => {'voms.cafiles.period' => 2000,
-# 'voms.notification.smtp-server' => '127.0.0.1'
-# }
-# }
-# === Authors
-# Steve Traylen
-#
-# === Copyright
-# Copyright Steve Traylen, CERN 2012
-#
-# === License
-# Apache II
-#
-define voms::admin($vo=$name,
- $sqlhost='localhost',
- $sqldbname="${name}_db",
- $sqlusername="${name}_admin",
- $sqlport=3306,
- $port,
- $mailfrom,
- $mailsmtp='localhost',
- $sqlpwd,
- $config_hash = {} ) {
-
- ensure_resource('class','voms::admin::install')
- ensure_resource('class','voms::admin::config')
- ensure_resource('class','voms::admin::service')
- Class[Voms::Admin::Install] -> Class[Voms::Admin::Config] -> Voms::Admin[$vo] -> Class[Voms::Admin::Service]
-
-
- file{"/etc/voms-admin-puppet/voms-admin-add-admin-${vo}.sh":
- ensure => file,
- content => template("voms/voms-admin-add-admin.sh.erb"),
- mode => "0700",
- }
-
-
- file{"/etc/voms-admin-puppet/voms-admin-remove-${vo}.sh":
- ensure => file,
- content => template("voms/voms-admin-remove.sh.erb"),
- mode => "0700",
- }
-
- file{"/etc/voms-admin-puppet/voms-admin-create-${vo}.sh":
- ensure => file,
- content => template("voms/voms-admin-create.sh.erb"),
- mode => "0700",
- }
-
- file{"/etc/voms-admin-puppet/voms-admin-upgrade-${vo}.sh":
- ensure => file,
- content => template("voms/voms-admin-upgrade.sh.erb"),
- mode => "0700",
- }
-
- file{"/etc/voms-admin-puppet/voms-admin-install-${vo}.sh":
- ensure => file,
- content => template("voms/voms-admin-install.sh.erb"),
- mode => "0700",
- notify => Exec["/etc/voms-admin-puppet/voms-admin-install-${vo}.sh"]
- }
-
- exec{"/etc/voms-admin-puppet/voms-admin-install-${vo}.sh":
- refreshonly => true,
- notify => Service['voms-admin']
- }
-
- # We need a newer proprties.aug file than SLC5 or 6 provide
- # Can be dropped hopefully at a later date providing
- # abc.def_defg = 12345
- case $::augeasversion {
- '0.9.0','0.10.0': { $lenspath = '/var/lib/puppet/lib/augeas/lenses' }
- default: { $lenspath = undef }
- }
-
- $augyaml = inline_template('
----
-<% config_hash.each do |k,v| -%>
-<%= @vo %>_<%= k %>:
- lens: Properties.lns
- incl: /etc/voms-admin/<%= @vo %>/voms.service.properties
- changes: set "<%= k %>" "<%= v %>"
- load_path: <%= @lenspath %>
- require: Exec[/etc/voms-admin-puppet/voms-admin-install-<%= @vo %>.sh]
- notify: Service[tomcat]
-
-<% end -%>
- ')
-
- $aughash = parseyaml($augyaml)
-
- create_resources('augeas',$aughash)
-
-
-
-
- @@database_user{"${sqlusername}@${::fqdn}":
- tag => 'voms_database_users',
- password_hash => mysql_password("${sqlpwd}"),
- require => Class['mysql::server']
- }
- @@database_grant{"${sqlusername}@${::fqdn}/${sqldbname}":
- tag => 'voms_database_grant',
- privileges => ['Select_priv','Insert_priv','Update_priv','Alter_Priv','Create_Priv']
- }
-}
-
+# == Define: voms::admin
+#
+# Creates a voms core instance for a VO or virtual organisation.
+#
+# === Parameters
+#
+# [*hostname*]
+# The hostname of the voms-admin instance. By default it is the $::fqdn.
+#
+# [*vo*]
+# The name of virtual orgnisation. If not defined the namevar of the voms::admin intance will be used.
+#
+# [*sqlhost*]
+# The name of the database host, defaults to localhost.
+#
+# [*sqldbname*]
+# The name of the database, defaults _db
+#
+# [*sqlusername*]
+# The name of the sql user. Defaults to _admin
+#
+# [*sqlport*]
+# Defaults to mysql default 3306
+#
+# [*sqlpwd*]
+# The sqlpassword.
+#
+# [*port*]
+# Must be defined as the port the voms core service should listen.
+# This must be unique per VO however please note this uniqueness
+# is not checked by puppet.
+#
+# [*mailfrom*]
+# The mailaddress from where voms-admin notification should be sent.
+#
+# [*mailsmtp*]
+# The smtp server to use, default localhost.
+#
+# [*config_hash*]
+# A hash of key value pairs that end up in the voms-admin properties
+# file for the service in
+# /etc/voms-admin//voms.service.properties.
+#
+# === Examples
+#
+# voms::admin{'atlas':
+# port => '2000',
+# mailfrom => 'me@example.org',
+# sqlpwd => '12345',
+# sqlhost => 'example.mysql.example.org',
+# config_hash => {'voms.cafiles.period' => 2000,
+# 'voms.notification.smtp-server' => '127.0.0.1'
+# }
+# }
+# === Authors
+# Steve Traylen
+#
+# === Copyright
+# Copyright Steve Traylen, CERN 2012
+#
+# === License
+# Apache II
+#
+define voms::admin($vo=$name,
+ $sqlhost='localhost',
+ $sqldbname="${name}_db",
+ $sqlusername="${name}_admin",
+ $sqlport=3306,
+ $port,
+ $mailfrom,
+ $mailsmtp='localhost',
+ $sqlpwd,
+ $passfile=$vo ? {
+ '' => "/etc/voms/${name}/voms.pass",
+ default => "/etc/voms/${vo}/voms.pass"
+ },
+ $disable_registration,
+ $disable_notification,
+ $config_hash = {} ) {
+
+ include('voms::admin::install')
+ include('voms::admin::config')
+ include('voms::admin::service')
+ Class[Voms::Admin::Install] -> Class[Voms::Admin::Config] -> Voms::Admin[$name] -> Class[Voms::Admin::Service]
+
+
+ file{"/etc/voms-admin-puppet/voms-admin-add-admin-${vo}.sh":
+ ensure => file,
+ content => template('voms/voms-admin-add-admin.sh.erb'),
+ mode => '0700',
+ }
+
+
+ file{"/etc/voms-admin-puppet/voms-admin-remove-${vo}.sh":
+ ensure => file,
+ content => template('voms/voms-admin-remove.sh.erb'),
+ mode => '0700',
+ }
+
+ file{"/etc/voms-admin-puppet/voms-admin-create-${vo}.sh":
+ ensure => file,
+ content => template('voms/voms-admin-create.sh.erb'),
+ mode => '0700',
+ }
+
+ file{"/etc/voms-admin-puppet/voms-admin-upgrade-${vo}.sh":
+ ensure => file,
+ content => template('voms/voms-admin-upgrade.sh.erb'),
+ mode => '0700',
+ }
+
+
+ file{"/etc/voms-admin-puppet/voms-admin-install-${vo}.sh":
+ ensure => file,
+ content => template('voms/voms-admin-install.sh.erb'),
+ mode => '0700',
+ notify => Exec["/etc/voms-admin-puppet/voms-admin-install-${vo}.sh"],
+ require => Class['fetchcrl']
+ }
+
+ exec{"/etc/voms-admin-puppet/voms-admin-install-${vo}.sh":
+ refreshonly => true,
+ require => [File['/etc/grid-security/vomskey.pem'],File['/etc/grid-security/vomscert.pem']],
+ notify => Service['voms-admin'],
+ }
+
+
+ # We need a newer proprties.aug file than SLC5 or 6 provide
+ # Can be dropped hopefully at a later date providing
+ # abc.def_defg = 12345
+ case $::augeasversion {
+ '0.9.0','0.10.0': { $lenspath = '/var/lib/puppet/lib/augeas/lenses' }
+ default: { $lenspath = undef }
+ }
+
+ $augyaml = inline_template('
+---
+<% config_hash.each do |k,v| -%>
+<%= @vo %>_<%= k %>:
+ lens: Properties.lns
+ incl: /etc/voms-admin/<%= @vo %>/voms.service.properties
+ changes: set "<%= k %>" "<%= v %>"
+ load_path: <%= @lenspath %>
+ require: Exec[/etc/voms-admin-puppet/voms-admin-install-<%= @vo %>.sh]
+
+<% end -%>
+ ')
+
+ $aughash = parseyaml($augyaml)
+
+ if $aughash {
+ create_resources('augeas',$aughash)
+ }
+
+ @@database_user{"${sqlusername}@${::fqdn}":
+ tag => 'voms_database_users',
+ password_hash => mysql_password("${sqlpwd}"),
+ require => Class['mysql::server']
+ }
+ @@database_grant{"${sqlusername}@${::fqdn}/${sqldbname}":
+ tag => 'voms_database_grant',
+ privileges => ['Select_priv','Insert_priv','Update_priv','Alter_Priv','Create_Priv']
+ }
+}
+
diff --git a/manifests/admin/config.pp b/manifests/admin/config.pp
index a498bba..52d7592 100644
--- a/manifests/admin/config.pp
+++ b/manifests/admin/config.pp
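Review bot: In `manifests/admin.pp`, the `inline_template` that builds `$augyaml` interpolates every `config_hash` key and value unescaped into both the YAML document and the Augeas command `changes: set "<%= k %>" "<%= v %>"`, so a value containing a double quote, a colon followed by a space, or a newline alters the structure of the generated resources instead of just the property value. Building the resource hash directly rather than through text, or rejecting keys and values that fail an allow-list pattern before the template runs, would close this. The new side also drops `notify: Service[tomcat]` from these resources without a replacement, so a changed property is written but nothing is refreshed; `notify: Service[voms-admin]` looks like the intended substitute. The new parameters `$passfile`, `$disable_registration` and `$disable_notification` are undocumented (the header instead documents a `hostname` parameter the define does not take), and the last two have no default, which breaks existing callers.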
@@ -1,106 +1,59 @@
-class voms::admin::config (
- $tomcatuser = $voms::params::tomcatuser,
- $tomcatservice = $voms::params::tomcatservice,
- $trustmanager_logging = $voms::params::trustmanager_logging,
- $tomcat_filelimit = $voms::params::tomcat_filelimit
-) inherits voms::params {
-
- file{"/etc/voms-admin-puppet":
- ensure => directory,
- purge => true,
- recurse => true
- }
- file{"/etc/voms-admin-puppet/README":
- ensure => file,
- content => template('voms/README.erb'),
- require => File["/etc/voms-admin-puppet"]
- }
- file{"/etc/grid-security/tomcat-hostcert.pem":
- ensure => file,
- source => "file:///etc/grid-security/hostcert.pem",
- mode => 0644,
- owner => $tomcatuser,
- group => root,
- notify => Service['tomcat']
- }
- file{"/etc/grid-security/tomcat-hostkey.pem":
- ensure => file,
- source => "file:///etc/grid-security/hostkey.pem",
- mode => 0400,
- owner => $tomcatuser,
- group => root,
- notify => Service['tomcat']
- }
- file{"/etc/${tomcatservice}/server.xml":
- ensure => file,
- content => template('voms/server.xml.erb'),
- mode => 0644,
- owner => root,
- group => root,
- notify => Service['tomcat']
- }
- file{"/etc/${tomcatservice}/log4j-trustmanager.properties":
- ensure => file,
- content => template('voms/log4j-trustmanager.properties.erb'),
- mode => 0644,
- owner => root,
- group => root,
- notify => Service['tomcat']
- }
- file{"/usr/share/voms-admin":
- ensure => directory,
- }
-
-
- $tomcat_server_lib = '/usr/share/tomcat6/lib'
-
- exec{"/usr/bin/build-jar-repository ${tomcat_server_lib} bcprov":
- creates => "${tomcat_server_lib}/[bcprov].jar",
- notify => Service['tomcat'],
- }
-
- exec{"/usr/bin/build-jar-repository ${tomcat_server_lib} trustmanager":
- creates => "${tomcat_server_lib}/[trustmanager].jar",
- notify => Service['tomcat']
-
- }
- exec{"/usr/bin/build-jar-repository ${tomcat_server_lib} trustmanager-tomcat":
- creates => "${tomcat_server_lib}/[trustmanager-tomcat].jar",
- notify => Service['tomcat']
- }
- exec{"/usr/bin/build-jar-repository ${tomcat_server_lib} commons-logging":
- creates => "${tomcat_server_lib}/[commons-logging].jar",
- notify => Service['tomcat']
- }
- exec{"/usr/bin/build-jar-repository ${tomcat_server_lib} javamail":
- creates => "${tomcat_server_lib}/[javamail].jar",
- notify => Service['tomcat']
- }
-
-
- $memsize = to_bytes($::memorytotal) / ( 2 * 1000000 )
-
- if $::virtualorgs {
- $permsize = 64 + ( 25 * size(split($::virtualorgs,' ')))
- } else {
- $permsize = 64 + 25
- }
-
- file{"/etc/${tomcatservice}/${tomcatservice}.conf":
- ensure => file,
- content => template("voms/${tomcatservice}.conf.erb"),
- mode => 0644,
- owner => root,
- group => root,
- notify => Service['tomcat']
- }
- if $tomcat_filelimit {
- file{"/etc/security/limits.d/90-tomcat.conf":
- ensure => file,
- owner => root,
- group => root,
- mode => 0644,
- content => "tomcat soft nofile ${tomcat_filelimit}\ntomcat hard nofile ${tomcat_filelimit}\n"
- }
- }
-}
+class voms::admin::config (
+ $tomcatuser = $voms::params::tomcatuser,
+ $tomcatservice = $voms::params::tomcatservice,
+ $trustmanager_logging = $voms::params::trustmanager_logging,
+ $tomcat_filelimit = $voms::params::tomcat_filelimit
+) inherits voms::params {
+
+ file{"/etc/voms-admin-puppet":
+ ensure => directory,
+ purge => true,
+ recurse => true
+ }
+ file{"/etc/voms-admin-puppet/README":
+ ensure => file,
+ content => template('voms/README.erb'),
+ require => File["/etc/voms-admin-puppet"]
+ }
+ file{"/usr/share/voms-admin":
+ ensure => directory,
+ }
+
+ $memsize = to_bytes($::memorytotal) / ( 2 * 1000000 )
+
+ if $::virtualorgs {
+ $permsize = 64 + ( 25 * size(split($::virtualorgs,' ')))
+ } else {
+ $permsize = 64 + 25
+ }
+
+ file{'/etc/grid-security/vomscert.pem':
+ ensure => file,
+ source => 'file:///etc/grid-security/hostcert.pem',
+ owner => voms,
+ group => voms,
+ mode => '0644',
+ notify => Service['voms-admin'],
+ }
+ file{'/etc/grid-security/vomskey.pem':
+ ensure => file,
+ source => 'file:///etc/grid-security/hostkey.pem',
+ owner => voms,
+ group => voms,
+ mode => '0600',
+ notify => Service['voms-admin'],
+ }
+ firewall{'100 allow https to VOMS-admin UI':
+ proto => 'tcp',
+ dport => '8443',
+ action => 'accept',
+ }
+ # Put the conanical hostname in voms properties file.
+ augeas{'set_canonical_name':
+ context => "/files/etc/voms-admin/voms-admin-server.properties",
+ changes => "set host ${host}",
+ lens => "Properties.lns",
+ incl => '/etc/voms-admin/voms-admin-server.properties',
+ notify => Service['voms-admin']
+ }
+}
diff --git a/manifests/admin/install.pp b/manifests/admin/install.pp
index c8ddb34..b706d38 100644
--- a/manifests/admin/install.pp
+++ b/manifests/admin/install.pp
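Review bot: In `manifests/admin/config.pp`, the new `firewall{'100 allow https to VOMS-admin UI':` resource accepts TCP 8443 from any source, and the caller can neither restrict it nor switch it off. Because this port serves the administration interface, I would expose the permitted network as a class parameter and pass it as `source => $admin_source,` (the name is a suggestion), and make the rule optional for sites that manage their firewall elsewhere. In `augeas{'set_canonical_name':`, `changes => "set host ${host}"` reads `$host`, which is not among the class parameters shown; unless `voms::params` defines it this writes an empty value, and the header added to `admin.pp` suggests `$::fqdn` was intended. `$memsize` and `$permsize` are still computed but appear unused now that the Tomcat configuration template is removed.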
@@ -1,44 +1,16 @@
-class voms::admin::install (
- $adminpkgs = $voms::params::adminpkgs,
- $emirepo = $voms::params::emirepo,
- $emiupdatesrepo = $voms::params::emiupdatesrepo,
- $tomcatuser = $voms::params::tomcatuser,
- $tomcatservice = $voms::params::tomcatservice,
-) inherits voms::params {
-
- package{$adminpkgs:
- ensure => present,
- require => Yumrepo['emi']
- }
-
- yumrepo{"emi":
- descr => "EMI Repository for voms-admin at least.",
- baseurl => "${emirepo}",
- gpgcheck => 0,
- enabled => 1,
- priority => 100,
- includepkgs => join($adminrepowhite,','),
- require => Yumrepo['emiupdates']
-
- }
- yumrepo{"emiupdates":
- descr => "EMI Updates Repository for voms-admin at least.",
- baseurl => "${emiupdatesrepo}",
- gpgcheck => 0,
- enabled => 1,
- priority => 100,
- includepkgs => join($adminrepowhite,',')
-
- }
-
- file{"/etc/yum.repos.d/emi.repo":
- ensure => file,
- require => Yumrepo["emi"]
- }
- file{"/etc/yum.repos.d/emiupdates.repo":
- ensure => file,
- require => Yumrepo["emiupdates"]
- }
-
-
-}
+class voms::admin::install (
+ $adminpkgs = $voms::params::adminpkgs,
+ $emirepo = $voms::params::emirepo,
+ $emiupdatesrepo = $voms::params::emiupdatesrepo,
+ $tomcatuser = $voms::params::tomcatuser,
+ $tomcatservice = $voms::params::tomcatservice,
+) inherits voms::params {
+
+ package{$adminpkgs:
+ ensure => present,
+ require => Yumrepo['EMI-3-base']
+ }
+
+ class{'emirepos::emi3repositories': before => Package['voms-mysql-plugin']}
+
+}
diff --git a/manifests/admin/service.pp b/manifests/admin/service.pp
index cf0daf0..52c638b 100644
--- a/manifests/admin/service.pp
+++ b/manifests/admin/service.pp
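Review bot: In `manifests/admin/install.pp`, `class{'emirepos::emi3repositories': before => Package['voms-mysql-plugin']}` hard-codes one package title while the packages actually declared come from `package{$adminpkgs:`; if `voms-mysql-plugin` is not in `$adminpkgs` the catalog fails on the missing reference. `before => Package[$adminpkgs]` keeps the ordering tied to what is really installed. The removed `yumrepo` resources set `gpgcheck => 0`; signature checking now depends entirely on what `emirepos::emi3repositories` configures, which is not visible here, so it is worth confirming that it enables `gpgcheck`. The parameters `$emirepo`, `$emiupdatesrepo`, `$tomcatuser` and `$tomcatservice` are no longer used in the class body.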
@@ -1,21 +1,15 @@
-class voms::admin::service (
- $tomcatservice = $voms::params::tomcatservice
- ) inherits params {
- service{'tomcat':
- name => "${tomcatservice}",
- ensure => true,
- enable => true,
- hasstatus => true,
- hasrestart => true,
- }
-
- service{'voms-admin':
- ensure => true,
- enable => true,
- hasstatus => true,
- hasrestart => false,
- require => Service['tomcat']
- }
-
-
-}
+class voms::admin::service (
+ $tomcatservice = $voms::params::tomcatservice
+) inherits params {
+
+ service{'voms-admin':
+ ensure => true,
+ enable => true,
+ hasstatus => true,
+ hasrestart => false,
+ start => '/sbin/service voms-admin start && /bin/sleep 2m',
+ status => '/usr/bin/curl --max-time 10 -s http://localhost:8088/status',
+ restart => '/sbin/service voms-admin stop && /bin/sleep 5s && /sbin/service voms-admin start && /bin/sleep 3m',
+ }
+
+}
diff --git a/manifests/aleph.pp b/manifests/aleph.pp
new file mode 100644
index 0000000..f74fd71
--- /dev/null
+++ b/manifests/aleph.pp
@@ -0,0 +1,30 @@
+# Class defining the ALEPH/LEP VO, as seen by the VOMS service.
+#
+# Takes care of all the required setup to enable access to the ALEPH VO
+# (users and services) in a grid enabled machine.
+#
+# == Examples
+#
+# Simply enable this class:
+# class{'voms::ilc':}
+#
+# == Authors
+#
+# CERN IT/GT/DMS
+# CERN IT/PS/PES
+
+class voms::aleph {
+ voms::client{'vo.aleph.cern.ch':
+ servers => [{server => 'voms2.cern.ch',
+ port => '15002',
+ dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch',
+ ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority'
+ },
+ {server => 'lcg-voms2.cern.ch',
+ port => '15002',
+ dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch',
+ ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority'
+ },
+ ]
+ }
+}
diff --git a/manifests/alice.pp b/manifests/alice.pp
new file mode 100644
index 0000000..b169ef3
--- /dev/null
+++ b/manifests/alice.pp
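Review bot: In `manifests/admin/service.pp`, the custom `status` command `'/usr/bin/curl --max-time 10 -s http://localhost:8088/status'` exits 0 for any HTTP response, including a 5xx from a half-started service, so Puppet treats the service as running whenever the port answers. Adding `--fail` makes the exit code follow the HTTP status: `status => '/usr/bin/curl --fail --max-time 10 -s http://localhost:8088/status',`. The `start` and `restart` commands block the agent run for two and three minutes with fixed sleeps; polling the same status URL with a bounded retry would be shorter and would fail when the service never comes up. `inherits params` should be the fully qualified `inherits voms::params`, as in the sibling classes.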
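Review bot: In `manifests/aleph.pp`, the header example reads `# class{'voms::ilc':}`, but the class defined in this file is `voms::aleph`; the example should be `# class{'voms::aleph':}`. The two server hashes also omit the trailing comma after `ca_dn` that `alice.pp` and `atlas.pp` use, which the `puppet-lint-trailing_comma-check` plugin added to the Gemfile in this commit may flag.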
@@ -0,0 +1,29 @@
+# Class defining the ALICE VO, as seen by the VOMS service.
+#
+# Takes care of all the required setup to enable access to the ALICE VO
+# (users and services) in a grid enabled machine.
+#
+# == Examples
+#
+# Simply enable this class:
+# class{'voms::alice':}
+#
+# == Authors
+#
+# CERN IT/GT/DMS
+# CERN IT/PS/PES
+
+class voms::alice {
+ voms::client{'alice':
+ servers => [{server => 'voms2.cern.ch',
+ port => '15000',
+ dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch',
+ ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority',
+ },
+ {server => 'lcg-voms2.cern.ch',
+ port => '15000',
+ dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch',
+ ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority',
+ }]
+ }
+}
diff --git a/manifests/atlas.pp b/manifests/atlas.pp
index 2f88ab4..3047750 100644
--- a/manifests/atlas.pp
+++ b/manifests/atlas.pp
@@ -1,29 +1,29 @@ -# Class defining the ATLAS VO, as seen by the VOMS service. -# -# Takes care of all the required setup to enable access to the ATLAS VO -# (users and services) in a grid enabled machine. -# -# == Examples -# -# Simply enable this class: -# class{'voms::atlas':} -# -# == Authors -# -# CERN IT/GT/DMS -# CERN IT/PS/PES - -class voms::atlas { - voms::client{'atlas': - servers => [{server => 'voms.cern.ch', - port => '15001', - dn => '/DC=ch/DC=cern/OU=computers/CN=voms.cern.ch', - ca_dn => '/DC=ch/DC=cern/CN=CERN Trusted Certification Authority' - }, - {server => 'lcg-voms.cern.ch', - port => '15001', - dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms.cern.ch', - ca_dn => '/DC=ch/DC=cern/CN=CERN Trusted Certification Authority' - }] - } -} +# Class defining the ATLAS VO, as seen by the VOMS service. +# +# Takes care of all the required setup to enable access to the ATLAS VO +# (users and services) in a grid enabled machine. +# +# == Examples +# +# Simply enable this class: +# class{'voms::atlas':} +# +# == Authors +# +# CERN IT/GT/DMS +# CERN IT/PS/PES + +class voms::atlas { + voms::client{'atlas': + servers => [{server => 'voms2.cern.ch', + port => '15001', + dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch', + ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority', + }, + {server => 'lcg-voms2.cern.ch', + port => '15001', + dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch', + ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority', + }] + } +} diff --git a/manifests/biomed.pp b/manifests/biomed.pp new file mode 100644 index 0000000..8cc9d72 --- /dev/null +++ b/manifests/biomed.pp @@ -0,0 +1,12 @@ +class voms::biomed { + voms::client{'biomed': + servers => [ + { + server => 'cclcgvomsli01.in2p3.fr', + port => '15000', + dn => '/O=GRID-FR/C=FR/O=CNRS/OU=CC-IN2P3/CN=cclcgvomsli01.in2p3.fr', + ca_dn => '/C=FR/O=MENESR/OU=GRID-FR/CN=AC GRID-FR Services', + }, + ] + } +} 
diff --git a/manifests/calice.pp b/manifests/calice.pp
new file mode 100644
index 0000000..de6a389
--- /dev/null
+++ b/manifests/calice.pp
@@ -0,0 +1,12 @@
+class voms::calice {
+ voms::client{'calice':
+ servers => [
+ {
+ server => 'grid-voms.desy.de',
+ port => '15102',
+ dn => '/C=DE/O=GermanGrid/OU=DESY/CN=host/grid-voms.desy.de',
+ ca_dn => '/C=DE/O=GermanGrid/CN=GridKa-CA',
+ },
+ ]
+ }
+}
diff --git a/manifests/camont.pp b/manifests/camont.pp
new file mode 100644
index 0000000..c944852
--- /dev/null
+++ b/manifests/camont.pp
@@ -0,0 +1,26 @@
+class voms::camont {
+
+voms::client { 'camont':
+ servers => [
+ {
+ server => 'voms.gridpp.ac.uk',
+ port => '15025',
+ dn => '/C=UK/O=eScience/OU=Manchester/L=HEP/CN=voms.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms02.gridpp.ac.uk',
+ port => '15025',
+ dn => '/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms02.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms03.gridpp.ac.uk',
+ port => '15025',
+ dn => '/C=UK/O=eScience/OU=Imperial/L=Physics/CN=voms03.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ ]
+ }
+
+}
diff --git a/manifests/cdf.pp b/manifests/cdf.pp
new file mode 100644
index 0000000..b731e19
--- /dev/null
+++ b/manifests/cdf.pp
@@ -0,0 +1,24 @@
+class voms::cdf {
+ voms::client{'cdf':
+ servers => [
+ {
+ server => 'voms-01.pd.infn.it',
+ port => '15001',
+ dn => '/C=IT/O=INFN/OU=Host/L=Padova/CN=voms-01.pd.infn.it',
+ ca_dn => '/C=IT/O=INFN/CN=INFN CA',
+ },
+ {
+ server => 'voms.cnaf.infn.it',
+ port => '15001',
+ dn => '/C=IT/O=INFN/OU=Host/L=CNAF/CN=voms.cnaf.infn.it',
+ ca_dn => '/C=IT/O=INFN/CN=INFN CA',
+ },
+ {
+ server => 'voms.fnal.gov',
+ port => '15020',
+ dn => '/DC=org/DC=opensciencegrid/O=Open Science Grid/OU=Services/CN=voms2.fnal.gov',
+ ca_dn => '/DC=org/DC=cilogon/C=US/O=CILogon/CN=CILogon OSG CA 1',
+ },
+ ]
+ }
+}
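Review bot: In cdf.pp the third entry pairs `server => 'voms.fnal.gov'` with a `dn` whose CN is `voms2.fnal.gov`, so the pinned subject does not name the host it is listed for. These `dn`/`ca_dn` pairs look like the identity a client will accept for VOMS attributes from that server, so a wrong pair either breaks validation or pins trust to a different certificate than intended. lsst.pp has the same pairing for its `voms.fnal.gov` entry, while dzero.pp uses `CN=voms.fnal.gov` for the same host. If the alias really presents the voms2 certificate, a one-line comment above the entry saying so would keep it from being "corrected" later; otherwise the `dn` should be checked against the certificate the server actually presents.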
diff --git a/manifests/cernatschool_org.pp b/manifests/cernatschool_org.pp new file mode 100644 index 0000000..9c3bf9b --- /dev/null +++ b/manifests/cernatschool_org.pp @@ -0,0 +1,24 @@ +class voms::cernatschool_org { + voms::client{'cernatschool.org': + servers => [ + { + server => 'voms.gridpp.ac.uk', + port => '15500', + dn => '/C=UK/O=eScience/OU=Manchester/L=HEP/CN=voms.gridpp.ac.uk', + ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B', + }, + { + server => 'voms02.gridpp.ac.uk', + port => '15500', + dn => '/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms02.gridpp.ac.uk', + ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B', + }, + { + server => 'voms03.gridpp.ac.uk', + port => '15500', + dn => '/C=UK/O=eScience/OU=Imperial/L=Physics/CN=voms03.gridpp.ac.uk', + ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B', + }, + ] + } +} diff --git a/manifests/client.pp b/manifests/client.pp index 11e064b..e6eeb72 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -18,15 +18,15 @@ # == Example # # voms::client{'ops': -# servers => [{server => 'voms.cern.ch', +# servers => [{server => 'voms2.cern.ch', # port => '15009', -# dn => '/DC=ch/DC=cern/OU=computers/CN=voms.cern.ch', -# ca_dn => '/DC=ch/DC=cern/CN=CERN Trusted Certification Authority' +# dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch', +# ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority' # }, -# {server => 'lcg-voms.cern.ch', +# {server => 'lcg-voms2.cern.ch', # port => '15009', -# dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms.cern.ch', -# ca_dn => '/DC=ch/DC=cern/CN=CERN Trusted Certification Authority' +# dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch', +# ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority' # }] # # == Authors 
@@ -36,13 +36,13 @@ # define voms::client ($vo = $name, $servers = [] ) { ensure_resource('class','voms::install') - Class[Voms::Install] -> Voms::Client[$vo] + Class[voms::install] -> Voms::Client[$vo] file {"/etc/grid-security/vomsdir/${vo}": ensure => directory, owner => root, group => root, - mode => 0755, + mode => '0755', recurse => true, purge => true, require => File['/etc/grid-security/vomsdir'] @@ -52,7 +52,7 @@ File{ owner => root, group => root, - mode => 0644 + mode => '0644', } @@ -74,5 +74,4 @@ $filedata = parseyaml($yaml) create_resources('file',$filedata) - } diff --git a/manifests/cms.pp b/manifests/cms.pp index 0259969..f867417 100644 --- a/manifests/cms.pp +++ b/manifests/cms.pp 
@@ -1,29 +1,29 @@
-# Class defining the ops VO, as seen by the VOMS service.
-#
-# Takes care of all the required setup to enable access to the ATLAS VO
-# (users and services) in a grid enabled machine.
-#
-# == Examples
-#
-# Simply enable this class:
-# class{'voms::cms':}
-#
-# == Authors
-#
-# CERN IT/GT/DMS
-# CERN IT/PS/PES
-
-class voms::cms {
- voms::client{'cms':
- servers => [{server => 'voms.cern.ch',
- port => '15002',
- dn => '/DC=ch/DC=cern/OU=computers/CN=voms.cern.ch',
- ca_dn => '/DC=ch/DC=cern/CN=CERN Trusted Certification Authority'
- },
- {server => 'lcg-voms.cern.ch',
- port => '15002',
- dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms.cern.ch',
- ca_dn => '/DC=ch/DC=cern/CN=CERN Trusted Certification Authority'
- }]
- }
-}
+# Class defining the ops VO, as seen by the VOMS service.
+#
+# Takes care of all the required setup to enable access to the ATLAS VO
+# (users and services) in a grid enabled machine.
+#
+# == Examples
+#
+# Simply enable this class:
+# class{'voms::cms':}
+#
+# == Authors
+#
+# CERN IT/GT/DMS
+# CERN IT/PS/PES
+
+class voms::cms {
+ voms::client{'cms':
+ servers => [{server => 'voms2.cern.ch',
+ port => '15002',
+ dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch',
+ ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority',
+ },
+ {server => 'lcg-voms2.cern.ch',
+ port => '15002',
+ dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch',
+ ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority',
+ }]
+ }
+}
diff --git a/manifests/comet_j_parc_jp.pp b/manifests/comet_j_parc_jp.pp
new file mode 100644
index 0000000..fc838e8
--- /dev/null
+++ b/manifests/comet_j_parc_jp.pp
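Review bot: The header comment on the new side of cms.pp still says "Class defining the ops VO" and "enable access to the ATLAS VO", although the class declares `voms::client{'cms':`. Since this hunk rewrites every line of the file anyway, the two lines could read `# Class defining the CMS VO, as seen by the VOMS service.` and `# Takes care of all the required setup to enable access to the CMS VO`.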
@@ -0,0 +1,24 @@ +class voms::comet_j_parc_jp { + voms::client{'comet.j-parc.jp': + servers => [ + { + server => 'voms.gridpp.ac.uk', + port => '15005', + dn => '/C=UK/O=eScience/OU=Manchester/L=HEP/CN=voms.gridpp.ac.uk', + ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B', + }, + { + server => 'voms02.gridpp.ac.uk', + port => '15005', + dn => '/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms02.gridpp.ac.uk', + ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B', + }, + { + server => 'voms03.gridpp.ac.uk', + port => '15005', + dn => '/C=UK/O=eScience/OU=Imperial/L=Physics/CN=voms03.gridpp.ac.uk', + ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B', + }, + ] + } +} diff --git a/manifests/compass.pp b/manifests/compass.pp new file mode 100644 index 0000000..588fa30 --- /dev/null +++ b/manifests/compass.pp @@ -0,0 +1,29 @@ +# Class defining the compass VO, as seen by the VOMS service. +# +# Takes care of all the required setup to enable access to the COMPASS VO +# (users and services) in a grid enabled machine. +# +# == Examples +# +# Simply enable this class: +# class{'voms::compass':} +# +# == Authors +# +# CERN IT/GT/DMS +# CERN IT/PS/PES + +class voms::compass { + voms::client{'compass': + servers => [{server => 'voms2.cern.ch', + port => '15004', + dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch', + ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority', + }, + {server => 'lcg-voms2.cern.ch', + port => '15004', + dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch', + ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority', + }] + } +} diff --git a/manifests/core.pp b/manifests/core.pp index 23a2ac4..d3a32eb 100644 --- a/manifests/core.pp +++ b/manifests/core.pp 
@@ -1,96 +1,109 @@ -# === Define: voms::core -# -# Installs and configure a voms core server -# -# === Parameters -# -# [*vo*] -# The name of the virtial organisation. Defaults to the namevar of the -# the voms::core instance. -# -# [*issuer*] -# The hostname of issuer of voms credentials. By default it is the $::fqdn. -# -# [*vomstimeout*] -# The timeout of voms proxy, by default 86400 seconds or 1 day. -# -# [*sqlhost*, *sqldbname*, *sqlport*, *sqlusername*, *sqlpw*] -# The SQL server parameters, see default values below. -# -# [*port*] -# The port the voms server should listen on. -# -# === Examples -# -# voms::core{'examplevo': -# issuser => 'voms.example.org', -# sqlpwd => '12345', -# sqlhost => 'mysql.example.org.' -# } -# -# === Authors -# Steve Traylen -# -# === Copyright -# Copyright Steve Traylen, CERN 2012 -# -# === License -# Apache II -# - - - -define voms::core($vo=$name, - $port, - $issuer=$::fqdn, - $vomstimeout="86400", - $sqlhost='localhost', - $sqldbname="${name}_db", - $sqlport=3306, - $sqlusername="${name}_core", - $sqlpwd) { - - ensure_resource('class',"voms::${vo}") - ensure_resource('class','voms::core::install') - ensure_resource('class','voms::core::service') - Class[Voms::Core::Install] -> Voms::Core[$vo] -> Class[Voms::Core::Service] - - file{"/etc/voms/${vo}": - ensure => directory, - mode => "0755", - owner => "root", - group => "root", - purge => true, - recurse => true, - require => File['/etc/voms'] - } - - file{"/etc/voms/${vo}/voms.conf": - ensure => file, - content => template('voms/voms.conf.erb'), - mode => "0644", - owner => "root", - group => "root", - notify => Service["voms"], - require => File["/etc/voms/${vo}"] - } - # The package creates the voms user below. 
- file{"/etc/voms/${vo}/voms.pass": - ensure => file, - content => "${sqlpwd}\n", - mode => "0640", - owner => "voms", - group => "voms", - notify => Service["voms"], - require => [File["/etc/voms/${vo}"],Package['voms-server']] - } - @@database_user{"${sqlusername}@${::fqdn}": - tag => 'voms_database_users', - password_hash => mysql_password("${sqlpwd}"), - require => Class['mysql::server'] - } - @@database_grant{"${sqlusername}@${::fqdn}/${sqldbname}": - tag => 'voms_database_grant', - privileges => ['Select_priv'] - } -} +# === Define: voms::core +# +# Installs and configure a voms core server +# +# === Parameters +# +# [*vo*] +# The name of the virtial organisation. Defaults to the namevar of the +# the voms::core instance. +# +# [*issuer*] +# The hostname of issuer of voms credentials. By default it is the $::fqdn. +# +# [*vomstimeout*] +# The timeout of voms proxy, by default 86400 seconds or 1 day. +# +# [*sqlhost*, *sqldbname*, *sqlport*, *sqlusername*, *sqlpw*] +# The SQL server parameters, see default values below. +# +# [*port*] +# The port the voms server should listen on. +# +# === Examples +# +# voms::core{'examplevo': +# issuser => 'voms.example.org', +# sqlpwd => '12345', +# sqlhost => 'mysql.example.org.' +# } +# +# === Authors +# Steve Traylen +# +# === Copyright +# Copyright Steve Traylen, CERN 2012 +# +# === License +# Apache II +# + + + +define voms::core($vo=$name, + $port, + $issuer=$::fqdn, + $vomstimeout="86400", + $sqlhost='localhost', + $sqldbname="${name}_db", + $sqlport=3306, + $sqlusername="${name}_core", + $maxreqs='200', + $passfile=$vo ? 
{ + '' => "/etc/voms/${name}/voms.pass", + default => "/etc/voms/${vo}/voms.pass" + }, + $sqlpwd) { + + include("voms::${name}") + include('voms::core::install') + include('voms::core::config') + include('voms::core::service') + Class[voms::core::install] -> Voms::Core[$name] -> Class[voms::core::service] + + + firewall {"100 allow ${name} access from the universe.": + proto => 'tcp', + dport => $port, + action => 'accept' + } + + file{"/etc/voms/${vo}": + ensure => directory, + mode => "0755", + owner => "root", + group => "root", + purge => true, + recurse => true, + require => File['/etc/voms'] + } + + file{"/etc/voms/${vo}/voms.conf": + ensure => file, + content => template('voms/voms.conf.erb'), + mode => "0644", + owner => "root", + group => "root", + notify => Service["voms"], + require => File["/etc/voms/${vo}"] + } + # The package creates the voms user below. + file{"/etc/voms/${vo}/voms.pass": + ensure => file, + content => "${sqlpwd}\n", + mode => "0640", + owner => "voms", + group => "voms", + notify => Service["voms"], + require => [File["/etc/voms/${vo}"],Package['voms-server']] + } + @@database_user{"${sqlusername}@${::fqdn}": + tag => 'voms_database_users', + password_hash => mysql_password("${sqlpwd}"), + require => Class['mysql::server'] + } + @@database_grant{"${sqlusername}@${::fqdn}/${sqldbname}": + tag => 'voms_database_grant', + privileges => ['Select_priv'] + } +} diff --git a/manifests/core/config.pp b/manifests/core/config.pp new file mode 100644 index 0000000..03e8e9a --- /dev/null +++ b/manifests/core/config.pp 
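Review bot: `file{"/etc/voms/${vo}/voms.pass":` writes `$sqlpwd` as file content without `show_diff => false`, so a password change can be printed as a diff in agent output and reports whenever diffs are enabled. core/config.pp in this same commit already sets `show_diff => false,` on the key files, and the same line belongs on this resource. The new `firewall` resource accepts TCP to `$port` from any source with no parameter to narrow it; that may be intended for a public VOMS endpoint, but the parameter docs should say so. The docs also still list `*sqlpw*` and `issuser` where the code has `$sqlpwd` and `$issuer`, and the new `$maxreqs` and `$passfile` are undocumented. The visible file resource still hard-codes the `voms.pass` path instead of using `$passfile`.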
@@ -0,0 +1,53 @@
+class voms::core::config {
+
+ file{'/etc/voms':
+ ensure => directory,
+ mode => '0755',
+ owner => 'root',
+ group => 'root',
+ purge => true,
+ recurse => true
+ }
+
+ file{'/etc/voms/.globus':
+ ensure => directory,
+ require => File['/etc/voms']
+ }
+ # The host key must be owned by the voms user.
+ file{'/etc/grid-security/hostkey.pem':
+ ensure => file,
+ mode => '0600',
+ owner => voms,
+ group => root,
+ content => "Should be a hostkey, will not be overwritten by puppet if this file exists\n",
+ replace => false,
+ show_diff => false
+ }
+
+
+ file{'/etc/voms/.globus/usercert.pem':
+ ensure => file,
+ source => 'file:///etc/grid-security/hostcert.pem',
+ owner => voms,
+ group => voms,
+ mode => '0644',
+ notify => Service['voms'],
+ }
+ file{'/etc/voms/.globus/userkey.pem':
+ ensure => file,
+ source => 'file:///etc/grid-security/hostkey.pem',
+ owner => voms,
+ group => voms,
+ mode => '0600',
+ show_diff => false,
+ notify => Service['voms'],
+ }
+
+ file {'/usr/lib64/voms':
+ ensure => link,
+ target => '/usr/lib64',
+ replace => false,
+ before => Service['voms'],
+ require => Package['voms-mysql-plugin'],
+ }
+}
diff --git a/manifests/core/install.pp b/manifests/core/install.pp
index f0ac181..524c52d 100644
--- a/manifests/core/install.pp
+++ b/manifests/core/install.pp
@@ -1,18 +1,10 @@
-class voms::core::install (
- $corepkgs = $voms::params::corepkgs
-) inherits voms::params {
-
- package{$corepkgs:
- ensure => present,
- before => File['/etc/voms']
- }
- file{'/etc/voms':
- ensure => directory,
- mode => '0755',
- owner => 'root',
- group => 'root',
- purge => true,
- recurse => true
- }
-
-}
+class voms::core::install (
+ $corepkgs = $voms::params::corepkgs
+) inherits voms::params {
+
+ package{$corepkgs:
+ ensure => present,
+ before => File['/etc/voms']
+ }
+
+}
diff --git a/manifests/core/service.pp b/manifests/core/service.pp
index 0ce8e4c..b64e665 100644
--- a/manifests/core/service.pp
+++ b/manifests/core/service.pp
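Review bot: `file{'/etc/voms/.globus/userkey.pem':` copies the host private key from `/etc/grid-security/hostkey.pem` but declares no relationship to the `hostkey.pem` resource above it, and that resource writes a text placeholder when no key exists. On a fresh host the placeholder can therefore be copied and `Service['voms']` notified with a file that is not a key. Adding `require => File['/etc/grid-security/hostkey.pem'],` fixes the order, and a comment should state that the real key must be deployed before this class is applied. `file{'/etc/voms/.globus':` sets no `owner`, `group` or `mode`, so the directory holding the second copy of the key keeps whatever it already has. Explicit values would pin it, for example `owner => voms, group => voms, mode => '0700',` if only the voms account reads it.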
@@ -1,8 +1,8 @@ -class voms::core::service { - service{'voms': - ensure => true, - enable => true, - hasstatus => true, - hasrestart => true, - } -} +class voms::core::service { + service{'voms': + ensure => true, + enable => true, + hasstatus => true, + hasrestart => true, + } +} diff --git a/manifests/delphi.pp b/manifests/delphi.pp new file mode 100644 index 0000000..b2f7ae2 --- /dev/null +++ b/manifests/delphi.pp @@ -0,0 +1,30 @@ +# Class defining the DELPHI/LEP VO, as seen by the VOMS service. +# +# Takes care of all the required setup to enable access to the DELPHI VO +# (users and services) in a grid enabled machine. +# +# == Examples +# +# Simply enable this class: +# class{'voms::ilc':} +# +# == Authors +# +# CERN IT/GT/DMS +# CERN IT/PS/PES + +class voms::delphi { + voms::client{'vo.delphi.cern.ch': + servers => [{server => 'voms2.cern.ch', + port => '15002', + dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch', + ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority' + }, + {server => 'lcg-voms2.cern.ch', + port => '15002', + dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch', + ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority' + }, + ] + } +} diff --git a/manifests/dteam.pp b/manifests/dteam.pp index 935ed7b..9f5788d 100644 --- a/manifests/dteam.pp +++ b/manifests/dteam.pp @@ -1,14 +1,9 @@ class voms::dteam { voms::client{'dteam': - servers => [{ server => 'voms.hellasgrid.gr', - port => '15001', - dn => '/C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms.hellasgrid.gr', - ca_dn => '/C=GR/O=HellasGrid/OU=Certification Authorities/CN=HellasGrid CA 2006' - }, - { server => 'voms2.hellasgrid.gr', - port => '15001', + servers => [{ server => 'voms2.hellasgrid.gr', + port => '15004', dn => '/C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms2.hellasgrid.gr', - ca_dn => '/C=GR/O=HellasGrid/OU=Certification Authorities/CN=HellasGrid CA 2006' + ca_dn => '/C=GR/O=HellasGrid/OU=Certification Authorities/CN=HellasGrid CA 2016' }] } } 
diff --git a/manifests/dune.pp b/manifests/dune.pp
new file mode 100644
index 0000000..ba7eacb
--- /dev/null
+++ b/manifests/dune.pp
@@ -0,0 +1,18 @@
+class voms::dune {
+ voms::client{'dune':
+ servers => [
+ {
+ server => 'voms2.fnal.gov',
+ port => '15042',
+ dn => '/DC=org/DC=incommon/C=US/ST=IL/L=Batavia/O=Fermi Research Alliance/OU=Fermilab/CN=voms2.fnal.gov',
+ ca_dn => '/C=US/O=Internet2/OU=InCommon/CN=InCommon IGTF Server CA',
+ },
+ {
+ server => 'voms1.fnal.gov',
+ port => '15042',
+ dn => '/DC=org/DC=opensciencegrid/O=Open Science Grid/OU=Services/CN=voms1.fnal.gov',
+ ca_dn => '/DC=org/DC=cilogon/C=US/O=CILogon/CN=CILogon OSG CA 1',
+ },
+ ]
+ }
+}
diff --git a/manifests/dzero.pp b/manifests/dzero.pp
new file mode 100644
index 0000000..f80ae65
--- /dev/null
+++ b/manifests/dzero.pp
@@ -0,0 +1,12 @@
+class voms::dzero {
+ voms::client{'dzero':
+ servers => [
+ {
+ server => 'voms.fnal.gov',
+ port => '15002',
+ dn => '/DC=org/DC=opensciencegrid/O=Open Science Grid/OU=Services/CN=voms.fnal.gov',
+ ca_dn => '/DC=org/DC=cilogon/C=US/O=CILogon/CN=CILogon OSG CA 1',
+ },
+ ]
+ }
+}
diff --git a/manifests/eela.pp b/manifests/eela.pp
new file mode 100644
index 0000000..47a48c2
--- /dev/null
+++ b/manifests/eela.pp
@@ -0,0 +1,30 @@ +# Class defining the prod.vo.eu-eela.eu VO, as seen by the VOMS service. +# +# Takes care of all the required setup to enable access to the prod.vo.eu-eela.eu VO +# (users and services) in a grid enabled machine. +# +# == Examples +# +# Simply enable this class: +# class{'voms::eela':} +# +# == Authors +# +# CERN IT/GT/DMS +# CERN IT/PS/PES + +#unfortunately the full VO name prod.vo.eu-eela.eu is not a valid class name... +class voms::eela { + voms::client{'prod.vo.eu-eela.eu': + servers => [{server => 'voms-eela.ceta-ciemat.es', + port => '15003', + dn => '/DC=es/DC=irisgrid/O=ceta-ciemat/CN=host/voms-eela.ceta-ciemat.es', + ca_dn => '/DC=es/DC=irisgrid/CN=IRISGridCA' + }, + {server => 'voms.grid.unam.mx', + port => '15000', + dn => '/C=MX/O=UNAMgrid/OU=DGSCA UNAM CU/CN=voms.grid.unam.mx', + ca_dn => '/C=MX/O=UNAMgrid/OU=UNAM/CN=CA' + }] + } +} diff --git a/manifests/emitesters.pp b/manifests/emitesters.pp new file mode 100644 index 0000000..19c7f65 --- /dev/null +++ b/manifests/emitesters.pp @@ -0,0 +1,17 @@ +class voms::emitesters { + voms::client{ + 'testers.eu-emi.eu': + servers => [{ server => 'emitestbed07.cnaf.infn.it', + port => '15002', + dn => '/C=IT/O=INFN/OU=Host/L=CNAF/CN=emitestbed07.cnaf.infn.it', + ca_dn => '/C=IT/O=INFN/CN=INFN CA' + }]; + 'testers2.eu-emi.eu': + servers => [{ server => 'emitestbed27.cnaf.infn.it', + port => '15005', + dn => '/C=IT/O=INFN/OU=Host/L=CNAF/CN=emitestbed27.cnaf.infn.it', + ca_dn => '/C=IT/O=INFN/CN=INFN CA' + }] + } +} + diff --git a/manifests/envirogrids.pp b/manifests/envirogrids.pp new file mode 100644 index 0000000..ccc5cb7 --- /dev/null +++ b/manifests/envirogrids.pp 
@@ -0,0 +1,30 @@ +# Class defining the envirogrids.vo.eu-egee.org VO, as seen by the VOMS service. +# +# Takes care of all the required setup to enable access to the envirogrids.vo.eu-egee.org VO +# (users and services) in a grid enabled machine. +# +# == Examples +# +# Simply enable this class: +# class{'voms::envirogrids':} +# +# == Authors +# +# CERN IT/GT/DMS +# CERN IT/PS/PES + +#unfortunately the full VO name envirogrids.vo.eu-egee.org is not a valid class name... +class voms::envirogrids { + voms::client{'envirogrids.vo.eu-egee.org': + servers => [{server => 'voms2.cern.ch', + port => '15002', + dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch', + ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority' + }, + {server => 'lcg-voms2.cern.ch', + port => '15002', + dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch', + ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority' + }] + } +} diff --git a/manifests/esr.pp b/manifests/esr.pp new file mode 100644 index 0000000..61ed413 --- /dev/null +++ b/manifests/esr.pp @@ -0,0 +1,12 @@ +class voms::esr { + voms::client{'esr': + servers => [ + { + server => 'voms.grid.sara.nl', + port => '30001', + dn => '/O=dutchgrid/O=hosts/OU=sara.nl/CN=voms.grid.sara.nl', + ca_dn => '/C=NL/O=NIKHEF/CN=NIKHEF medium-security certification auth', + }, + ] + } +} diff --git a/manifests/fusion.pp b/manifests/fusion.pp new file mode 100644 index 0000000..11bca65 --- /dev/null +++ b/manifests/fusion.pp @@ -0,0 +1,12 @@ +class voms::fusion { + voms::client{'fusion': + servers => [ + { + server => 'voms-prg.bifi.unizar.es', + port => '15001', + dn => '/DC=es/DC=irisgrid/O=bifi-unizar/CN=voms-prg.bifi.unizar.es', + ca_dn => '/DC=es/DC=irisgrid/CN=IRISGridCA', + }, + ] + } +} diff --git a/manifests/geant4.pp b/manifests/geant4.pp new file mode 100644 index 0000000..a2cf28f --- /dev/null +++ b/manifests/geant4.pp 
@@ -0,0 +1,29 @@ +# Class defining the geant4 VO, as seen by the VOMS service. +# +# Takes care of all the required setup to enable access to the GEANT4 VO +# (users and services) in a grid enabled machine. +# +# == Examples +# +# Simply enable this class: +# class{'voms::geant4':} +# +# == Authors +# +# CERN IT/GT/DMS +# CERN IT/PS/PES + +class voms::geant4 { + voms::client{'geant4': + servers => [{server => 'voms2.cern.ch', + port => '15007', + dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch', + ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority' + }, + {server => 'lcg-voms2.cern.ch', + port => '15007', + dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch', + ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority' + }] + } +} diff --git a/manifests/gear.pp b/manifests/gear.pp new file mode 100644 index 0000000..8b3a9aa --- /dev/null +++ b/manifests/gear.pp @@ -0,0 +1,30 @@ +# Class defining the vo.gear.cern.ch VO, as seen by the VOMS service. +# +# Takes care of all the required setup to enable access to the vo.gear.cern.ch VO +# (users and services) in a grid enabled machine. +# +# == Examples +# +# Simply enable this class: +# class{'voms::gear':} +# +# == Authors +# +# CERN IT/GT/DMS +# CERN IT/PS/PES + +#unfortunately the full VO name vo.gear.cern.ch is not a valid class name... +class voms::gear { + voms::client{'vo.gear.cern.ch': + servers => [{server => 'voms2.cern.ch', + port => '15008', + dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch', + ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority' + }, + {server => 'lcg-voms2.cern.ch', + port => '15008', + dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch', + ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority' + }] + } +} diff --git a/manifests/gridpp.pp b/manifests/gridpp.pp new file mode 100644 index 0000000..24ae504 --- /dev/null +++ b/manifests/gridpp.pp 
@@ -0,0 +1,24 @@ +class voms::gridpp { + voms::client{'gridpp': + servers => [ + { + server => 'voms.gridpp.ac.uk', + port => '15000', + dn => '/C=UK/O=eScience/OU=Manchester/L=HEP/CN=voms.gridpp.ac.uk', + ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B', + }, + { + server => 'voms02.gridpp.ac.uk', + port => '15000', + dn => '/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms02.gridpp.ac.uk', + ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B', + }, + { + server => 'voms03.gridpp.ac.uk', + port => '15000', + dn => '/C=UK/O=eScience/OU=Imperial/L=Physics/CN=voms03.gridpp.ac.uk', + ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B', + }, + ] + } +} diff --git a/manifests/harpo_cea_fr.pp b/manifests/harpo_cea_fr.pp new file mode 100644 index 0000000..f7c5572 --- /dev/null +++ b/manifests/harpo_cea_fr.pp @@ -0,0 +1,12 @@ +class voms::harpo_cea_fr { + voms::client{'harpo.cea.fr': + servers => [ + { + server => 'grid12.lal.in2p3.fr', + port => '20024', + dn => '/O=GRID-FR/C=FR/O=CNRS/OU=LAL/CN=grid12.lal.in2p3.fr', + ca_dn => '/C=FR/O=MENESR/OU=GRID-FR/CN=AC GRID-FR Services', + }, + ] + } +} diff --git a/manifests/hone.pp b/manifests/hone.pp new file mode 100644 index 0000000..86265e3 --- /dev/null +++ b/manifests/hone.pp @@ -0,0 +1,12 @@ +class voms::hone { + voms::client{'hone': + servers => [ + { + server => 'grid-voms.desy.de', + port => '15106', + dn => '/C=DE/O=GermanGrid/OU=DESY/CN=host/grid-voms.desy.de', + ca_dn => '/C=DE/O=GermanGrid/CN=GridKa-CA', + }, + ] + } +} diff --git a/manifests/hyperk_org.pp b/manifests/hyperk_org.pp new file mode 100644 index 0000000..7268373 --- /dev/null +++ b/manifests/hyperk_org.pp 
@@ -0,0 +1,24 @@ +class voms::hyperk_org { + voms::client{'hyperk.org': + servers => [ + { + server => 'voms.gridpp.ac.uk', + port => '15510', + dn => '/C=UK/O=eScience/OU=Manchester/L=HEP/CN=voms.gridpp.ac.uk', + ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B', + }, + { + server => 'voms02.gridpp.ac.uk', + port => '15510', + dn => '/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms02.gridpp.ac.uk', + ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B', + }, + { + server => 'voms03.gridpp.ac.uk', + port => '15510', + dn => '/C=UK/O=eScience/OU=Imperial/L=Physics/CN=voms03.gridpp.ac.uk', + ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B', + }, + ] + } +} diff --git a/manifests/ilc.pp b/manifests/ilc.pp new file mode 100644 index 0000000..bb2d785 --- /dev/null +++ b/manifests/ilc.pp @@ -0,0 +1,24 @@ +# Class defining the ILC VO, as seen by the VOMS service. +# +# Takes care of all the required setup to enable access to the ILC VO +# (users and services) in a grid enabled machine. +# +# == Examples +# +# Simply enable this class: +# class{'voms::ilc':} +# +# == Authors +# +# CERN IT/GT/DMS +# CERN IT/PS/PES + +class voms::ilc { + voms::client{'ilc': + servers => [{server => 'grid-voms.desy.de', + port => '15110', + dn => '/C=DE/O=GermanGrid/OU=DESY/CN=host/grid-voms.desy.de', + ca_dn => '/C=DE/O=GermanGrid/CN=GridKa-CA' + }] + } +} diff --git a/manifests/init.pp b/manifests/init.pp index d746ae5..164deba 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,6 +1,6 @@ -# Class defining resources required to use the VOMS service. -# This class is completly empty and does nothing. -class voms { - # Class present for backwards compatability. - # It is not longer needed. -} +# Class defining resources required to use the VOMS service. +# This class is completly empty and does nothing. +class voms { + # Class present for backwards compatability. + # It is not longer needed. +} 
diff --git a/manifests/install.pp b/manifests/install.pp index c174989..bfd884c 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -2,29 +2,30 @@ # == Class: voms::isntall # Install voms-clients package and sets up a few directories. # -class voms::install { - package { "voms-clients": - ensure => latest, - require => Package["lcg-CA"], +class voms::install ( + $clientpkgs = $voms::params::clientpkgs +) inherits voms::params { + + package { $clientpkgs: + ensure => present, } file{'/etc/grid-security/vomsdir': ensure => directory, owner => root, group => root, - mode => 0755, + mode => "0755", purge => true, recurse => true, - require => Package["lcg-CA"], + force => true, } file{'/etc/vomses': ensure => directory, owner => root, group => root, - mode => 0755, + mode => "0755", purge => true, recurse => true, - require => Package["lcg-CA"], } } diff --git a/manifests/l3.pp b/manifests/l3.pp new file mode 100644 index 0000000..c3d814d --- /dev/null +++ b/manifests/l3.pp @@ -0,0 +1,30 @@ +# Class defining the L3/LEP VO, as seen by the VOMS service. +# +# Takes care of all the required setup to enable access to the ALEPH VO +# (users and services) in a grid enabled machine. +# +# == Examples +# +# Simply enable this class: +# class{'voms::l3':} +# +# == Authors +# +# CERN IT/GT/DMS +# CERN IT/PS/PES + +class voms::l3 { + voms::client{'vo.l3.cern.ch': + servers => [{server => 'voms2.cern.ch', + port => '15015', + dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch', + ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority' + }, + {server => 'lcg-voms2.cern.ch', + port => '15015', + dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch', + ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority' + }, + ] + } +} diff --git a/manifests/lhcb.pp b/manifests/lhcb.pp new file mode 100644 index 0000000..0700d62 --- /dev/null +++ b/manifests/lhcb.pp 
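Review bot: `file{'/etc/grid-security/vomsdir':` now combines `purge => true`, `recurse => true` and `force => true`, so every VO directory under it that is not declared in the catalog is deleted on each run, including entries installed by packages or by hand. That is a reasonable way to keep the set of trusted VOMS servers under Puppet's control, but nothing in the file says so; I would add a comment above the resource such as `# vomsdir is fully managed: VO directories not declared via voms::client are removed.` The class header still reads `voms::isntall`. The dropped `require => Package["lcg-CA"]` means the CA package is no longer ordered from here, which should be noted in the CHANGELOG if it is deliberate.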
@@ -0,0 +1,29 @@ +# Class defining the lhcb VO, as seen by the VOMS service. +# +# Takes care of all the required setup to enable access to the lhcb VO +# (users and services) in a grid enabled machine. +# +# == Examples +# +# Simply enable this class: +# class{'voms::lhcb':} +# +# == Authors +# +# CERN IT/GT/DMS +# CERN IT/PS/PES + +class voms::lhcb { + voms::client{'lhcb': + servers => [{server => 'voms2.cern.ch', + port => '15003', + dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch', + ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority', + }, + {server => 'lcg-voms2.cern.ch', + port => '15003', + dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch', + ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority', + }] + } +} diff --git a/manifests/lsst.pp b/manifests/lsst.pp new file mode 100644 index 0000000..2548738 --- /dev/null +++ b/manifests/lsst.pp @@ -0,0 +1,25 @@ +class voms::lsst { + voms::client{'lsst': + servers => [ + { + server => 'voms.fnal.gov', + port => '15003', + dn => '/DC=org/DC=opensciencegrid/O=Open Science Grid/OU=Services/CN=voms2.fnal.gov', + ca_dn => '/DC=org/DC=cilogon/C=US/O=CILogon/CN=CILogon OSG CA 1', + }, + { + server => 'voms2.fnal.gov', + port => '15003', + dn => '/DC=org/DC=opensciencegrid/O=Open Science Grid/OU=Services/CN=voms2.fnal.gov', + ca_dn => '/DC=org/DC=cilogon/C=US/O=CILogon/CN=CILogon OSG CA 1', + }, + { + server => 'voms1.fnal.gov', + port => '15003', + dn => '/DC=org/DC=opensciencegrid/O=Open Science Grid/OU=Services/CN=voms1.fnal.gov', + ca_dn => '/DC=org/DC=cilogon/C=US/O=CILogon/CN=CILogon OSG CA 1', + }, + + ] + } +} diff --git a/manifests/lz.pp b/manifests/lz.pp new file mode 100644 index 0000000..b1928c8 --- /dev/null +++ b/manifests/lz.pp 
@@ -0,0 +1,12 @@
+class voms::lz {
+ voms::client{'lz':
+ servers => [
+ {
+ server => 'voms.hep.wisc.edu',
+ port => '15001',
+ dn => '/DC=org/DC=opensciencegrid/O=Open Science Grid/OU=Services/CN=voms.hep.wisc.edu',
+ ca_dn => '/DC=org/DC=cilogon/C=US/O=CILogon/CN=CILogon OSG CA 1',
+ },
+ ]
+ }
+}
diff --git a/manifests/magic.pp b/manifests/magic.pp
new file mode 100644
index 0000000..995063e
--- /dev/null
+++ b/manifests/magic.pp
@@ -0,0 +1,18 @@
+class voms::magic {
+ voms::client{'magic':
+ servers => [
+ {
+ server => 'voms01.pic.es',
+ port => '15003',
+ dn => '/DC=org/DC=terena/DC=tcs/C=ES/ST=Barcelona/L=Bellaterra/O=Port dInformacio Cientifica/CN=voms01.pic.es',
+ ca_dn => '/C=NL/ST=Noord-Holland/L=Amsterdam/O=TERENA/CN=TERENA eScience SSL CA 3',
+ },
+ {
+ server => 'voms02.pic.es',
+ port => '15003',
+ dn => '/DC=org/DC=terena/DC=tcs/C=ES/ST=Barcelona/L=Bellaterra/O=Port dInformacio Cientifica/CN=voms02.pic.es',
+ ca_dn => '/C=NL/ST=Noord-Holland/L=Amsterdam/O=TERENA/CN=TERENA eScience SSL CA 3',
+ },
+ ]
+ }
+}
diff --git a/manifests/mice.pp b/manifests/mice.pp
new file mode 100644
index 0000000..a0b210f
--- /dev/null
+++ b/manifests/mice.pp
@@ -0,0 +1,24 @@
+class voms::mice {
+ voms::client{'mice':
+ servers => [
+ {
+ server => 'voms.gridpp.ac.uk',
+ port => '15001',
+ dn => '/C=UK/O=eScience/OU=Manchester/L=HEP/CN=voms.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms02.gridpp.ac.uk',
+ port => '15001',
+ dn => '/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms02.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms03.gridpp.ac.uk',
+ port => '15001',
+ dn => '/C=UK/O=eScience/OU=Imperial/L=Physics/CN=voms03.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ ]
+ }
+}
diff --git a/manifests/mysql.pp b/manifests/mysql.pp
index e2283be..51a7604 100644
--- a/manifests/mysql.pp
+++ b/manifests/mysql.pp
@@ -1,29 +1,29 @@
-#
-# == Class: voms::mysql
-#
-# Sets a mysql database for use with voms. In particular it collects
-# from exported resources their required grants and access. The
-# voms::admin and voms::core creates the exported resources.
-#
-# === Parameters
-#
-# [*vo_dbs*]
-# A simple array of databases to create.
-#
-# === Examples
-#
-# voms::mysql{['atlas_db','cms_db','alice_db':]}
-#
-#
-class voms::mysql ($vo_dbs = []) {
-
-
- database{$vo_dbs:
- ensure => present,
- charset => 'latin1'
- }
-
- Database_grant <<|tag == 'voms_database_grant' |>>
- Database_user <<|tag == 'voms_database_users' |>>
-
-}
+#
+# == Class: voms::mysql
+#
+# Sets a mysql database for use with voms. In particular it collects
+# from exported resources their required grants and access. The
+# voms::admin and voms::core creates the exported resources.
+#
+# === Parameters
+#
+# [*vo_dbs*]
+# A simple array of databases to create.
+#
+# === Examples
+#
+# voms::mysql{['atlas_db','cms_db','alice_db':]}
+#
+#
+class voms::mysql ($vo_dbs = []) {
+
+
+ database{$vo_dbs:
+ ensure => present,
+ charset => 'latin1'
+ }
+
+ Database_grant <<|tag == 'voms_database_grant' |>>
+ Database_user <<|tag == 'voms_database_users' |>>
+
+}
diff --git a/manifests/na48.pp b/manifests/na48.pp
new file mode 100644
index 0000000..3d6f8ba
--- /dev/null
+++ b/manifests/na48.pp
@@ -0,0 +1,29 @@
+# Class defining the NA48 VO, as seen by the VOMS service.
+#
+# Takes care of all the required setup to enable access to the NA48 VO
+# (users and services) in a grid enabled machine.
+#
+# == Examples
+#
+# Simply enable this class:
+# class{'voms::na48':}
+#
+# == Authors
+#
+# CERN IT/GT/DMS
+# CERN IT/PS/PES
+
+class voms::na48 {
+ voms::client{'na48':
+ servers => [{server => 'voms2.cern.ch',
+ port => '15009',
+ dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch',
+ ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority'
+ },
+ {server => 'lcg-voms2.cern.ch',
+ port => '15009',
+ dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch',
+ ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority'
+ }]
+ }
+}
diff --git a/manifests/na62_vo_gridpp_ac_uk.pp b/manifests/na62_vo_gridpp_ac_uk.pp
new file mode 100644
index 0000000..4f6be33
--- /dev/null
+++ b/manifests/na62_vo_gridpp_ac_uk.pp
@@ -0,0 +1,24 @@
+class voms::na62_vo_gridpp_ac_uk {
+ voms::client{'na62.vo.gridpp.ac.uk':
+ servers => [
+ {
+ server => 'voms.gridpp.ac.uk',
+ port => '15501',
+ dn => '/C=UK/O=eScience/OU=Manchester/L=HEP/CN=voms.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms02.gridpp.ac.uk',
+ port => '15501',
+ dn => '/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms02.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms03.gridpp.ac.uk',
+ port => '15501',
+ dn => '/C=UK/O=eScience/OU=Imperial/L=Physics/CN=voms03.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ ]
+ }
+}
diff --git a/manifests/opal.pp b/manifests/opal.pp
new file mode 100644
index 0000000..0a4c420
--- /dev/null
+++ b/manifests/opal.pp
@@ -0,0 +1,30 @@
+# Class defining the OPAL/LEP VO, as seen by the VOMS service.
+#
+# Takes care of all the required setup to enable access to the ALEPH VO
+# (users and services) in a grid enabled machine.
+#
+# == Examples
+#
+# Simply enable this class:
+# class{'voms::opal':}
+#
+# == Authors
+#
+# CERN IT/GT/DMS
+# CERN IT/PS/PES
+
+class voms::opal {
+ voms::client{'vo.opal.cern.ch':
+ servers => [{server => 'voms2.cern.ch',
+ port => '15016',
+ dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch',
+ ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority'
+ },
+ {server => 'lcg-voms2.cern.ch',
+ port => '15016',
+ dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch',
+ ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority'
+ },
+ ]
+ }
+}
diff --git a/manifests/ops.pp b/manifests/ops.pp
index 1c8ea0f..0f5d67a 100644
--- a/manifests/ops.pp
+++ b/manifests/ops.pp
@@ -1,29 +1,29 @@
-# Class defining the ops VO, as seen by the VOMS service.
-#
-# Takes care of all the required setup to enable access to the ATLAS VO
-# (users and services) in a grid enabled machine.
-#
-# == Examples
-#
-# Simply enable this class:
-# class{'voms::ops':}
-#
-# == Authors
-#
-# CERN IT/GT/DMS
-# CERN IT/PS/PES
-
-class voms::ops {
- voms::client{'ops':
- servers => [{server => 'voms.cern.ch',
- port => '15009',
- dn => '/DC=ch/DC=cern/OU=computers/CN=voms.cern.ch',
- ca_dn => '/DC=ch/DC=cern/CN=CERN Trusted Certification Authority'
- },
- {server => 'lcg-voms.cern.ch',
- port => '15009',
- dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms.cern.ch',
- ca_dn => '/DC=ch/DC=cern/CN=CERN Trusted Certification Authority'
- }]
- }
-}
+# Class defining the ops VO, as seen by the VOMS service.
+#
+# Takes care of all the required setup to enable access to the ATLAS VO
+# (users and services) in a grid enabled machine.
+#
+# == Examples
+#
+# Simply enable this class:
+# class{'voms::ops':}
+#
+# == Authors
+#
+# CERN IT/GT/DMS
+# CERN IT/PS/PES
+
+class voms::ops {
+ voms::client{'ops':
+ servers => [{server => 'voms2.cern.ch',
+ port => '15009',
+ dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch',
+ ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority'
+ },
+ {server => 'lcg-voms2.cern.ch',
+ port => '15009',
+ dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch',
+ ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority'
+ }]
+ }
+}
diff --git a/manifests/params.pp b/manifests/params.pp
index 719a10a..7146f15 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -1,24 +1,26 @@
-#
-# == Class: voms::params
-#
-# Various centric parameters for installing and configuring voms and voms admin.
-#
-class voms::params {
-
- # Voms Core Related.
- $corepkgs = ['voms-server','voms-mysql-plugin']
-
- # Voms Admin Related.
- $adminpkgs = ['voms-admin-server','voms-admin-client']
- $emirepo = "http://emisoft.web.cern.ch/emisoft/dist/EMI/2/sl6/${::architecture}/base/"
- $emiupdatesrepo = "http://emisoft.web.cern.ch/emisoft/dist/EMI/2/sl6/${::architecture}/updates/"
- $adminrepowhite = ['voms-admin-server','voms-admin-client','emi-trustmanager-tomcat','emi-trustmanager']
- $trustmanager_logging = 'INFO' # should be info.
- $tomcat_filelimit = '16384'
-
-
- # Tomcat related.
- $tomcatservice = 'tomcat6'
- $tomcatuser = 'tomcat'
-
-}
+#
+# == Class: voms::params
+#
+# Various centric parameters for installing and configuring voms and voms admin.
+#
+class voms::params {
+
+ # Voms Core Related.
+ $clientpkgs = hiera('voms_clientpkgs',['voms-clients-cpp'])
+ $corepkgs = ['voms-server','voms-mysql-plugin']
+ $host = hiera('lcgvoms_voms_issuer', $::fqdn)
+
+ # Voms Admin Related.
+ $adminpkgs = ['voms-admin-server','voms-admin-client']
+ $emirepo = "http://emisoft.web.cern.ch/emisoft/dist/EMI/3/sl6/${::architecture}/base/"
+ $emiupdatesrepo = "http://emisoft.web.cern.ch/emisoft/dist/EMI/3/sl6/${::architecture}/updates/"
+ $adminrepowhite = ['voms-admin-server','voms-admin-client','emi-trustmanager-tomcat','emi-trustmanager']
+ $trustmanager_logging = 'INFO' # should be info.
+ $tomcat_filelimit = '16384'
+
+
+ # Tomcat related.
+ $tomcatservice = 'tomcat6'
+ $tomcatuser = 'tomcat'
+
+}
diff --git a/manifests/pheno.pp b/manifests/pheno.pp
new file mode 100644
index 0000000..1342e1a
--- /dev/null
+++ b/manifests/pheno.pp
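Review bot: `$emirepo` and `$emiupdatesrepo` still use `http://` URLs after the move to EMI 3, so the packages that provide the VOMS admin server and trust manager are fetched over a channel that offers no integrity protection of its own. Whether the repository definition that consumes these values enables GPG signature checking is not visible in this hunk; it should be confirmed there, and if the mirror serves HTTPS the scheme should be changed in these two lines. The two `hiera()` lookups added for `$clientpkgs` and `$host` are also undocumented; a comment naming the keys `voms_clientpkgs` and `lcgvoms_voms_issuer` and their defaults would help.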
@@ -0,0 +1,24 @@
+class voms::pheno {
+ voms::client{'pheno':
+ servers => [
+ {
+ server => 'voms.gridpp.ac.uk',
+ port => '15011',
+ dn => '/C=UK/O=eScience/OU=Manchester/L=HEP/CN=voms.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms02.gridpp.ac.uk',
+ port => '15011',
+ dn => '/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms02.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms03.gridpp.ac.uk',
+ port => '15011',
+ dn => '/C=UK/O=eScience/OU=Imperial/L=Physics/CN=voms03.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ ]
+ }
+}
diff --git a/manifests/planck.pp b/manifests/planck.pp
new file mode 100644
index 0000000..78e698d
--- /dev/null
+++ b/manifests/planck.pp
@@ -0,0 +1,12 @@
+class voms::planck {
+ voms::client{'planck':
+ servers => [
+ {
+ server => 'voms.cnaf.infn.it',
+ port => '15002',
+ dn => '/C=IT/O=INFN/OU=Host/L=CNAF/CN=voms.cnaf.infn.it',
+ ca_dn => '/C=IT/O=INFN/CN=INFN Certification Authority',
+ },
+ ]
+ }
+}
diff --git a/manifests/see.pp b/manifests/see.pp
new file mode 100644
index 0000000..a708410
--- /dev/null
+++ b/manifests/see.pp
@@ -0,0 +1,30 @@
+# Class defining the SEE VO, as seen by the VOMS service.
+#
+# Takes care of all the required setup to enable access to the lhcb VO
+# (users and services) in a grid enabled machine.
+#
+# == Examples
+#
+# Simply enable this class:
+# class{'voms::see':}
+#
+# == Authors
+#
+# CERN IT/GT/DMS
+# CERN IT/PS/PES
+
+class voms::see {
+ voms::client{'see':
+ servers => [{ server => 'voms.hellasgrid.gr',
+ port => '15004',
+ dn => '/C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms.hellasgrid.gr',
+ ca_dn => '/C=GR/O=HellasGrid/OU=Certification Authorities/CN=HellasGrid CA 2006'
+ },
+ { server => 'voms2.hellasgrid.gr',
+ port => '15004',
+ dn => '/C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms2.hellasgrid.gr',
+ ca_dn => '/C=GR/O=HellasGrid/OU=Certification Authorities/CN=HellasGrid CA 2006'
+ }]
+ }
+}
+
diff --git a/manifests/server.pp b/manifests/server.pp
new file mode 100644
index 0000000..44b6773
--- /dev/null
+++ b/manifests/server.pp
@@ -0,0 +1,89 @@
+# Defines a new VOMS server in the setup, for a particular VO.
+#
+# == Parameters
+#
+# [*vo*]
+# The name of the VO
+#
+# [*server*]
+# The address (dns) of the server machine
+#
+# [*port*]
+# The port where the VOMS service is listening
+#
+# [*dn*]
+# The distinguished name (DN) of the VOMS server machine
+#
+# [*ca_dn*]
+# The distinguished name (DN) of the certificate authority (CA) issuing
+# the VOMS server DN
+#
+# == Example
+#
+# Simply invoke the definition with the name of the VO to enable:
+# voms::server {
+# "voms_MyVO_cern":
+# vo => "MyVO",
+# server => "voms.cern.ch",
+# port => 15001,
+# dn => ["/DC=ch/DC=cern/OU=computers/CN=voms.cern.ch"],
+# ca_dn => ["/DC=ch/DC=cern/CN=CERN Trusted Certification Authority"];
+#
+# == Authors
+#
+# CERN IT/GT/DMS
+# CERN IT/PES/PS
+
+define voms::server($vo, $server, $port, $dn, $ca_dn) {
+
+ $vomsprefix = $grid_flavour ? {
+ "glite" => '/opt/glite/etc/vomses',
+ default => '/etc/vomses'
+ }
+ ensure_resource('file',"${vomsprefix}",
+ { ensure => directory,
+ owner => root,
+ group => root,
+ mode => 0644,
+ purge => true
+ }
+ )
+
+
+ ensure_resource('file',"/etc/grid-security/vomsdir/${vo}",
+ { ensure => directory,
+ owner => root,
+ group => root,
+ mode => 0644,
+ purge => true,
+ require => File['/etc/grid-security/vomsdir']
+ }
+ )
+ ensure_resource('file','/etc/grid-security/vomsdir',
+ { ensure => directory,
+ owner => root,
+ group => root,
+ mode => 0644,
+ purge => true,
+ }
+ )
+
+
+ file {
+ "voms_lsc_$vo-$server":
+ path => "/etc/grid-security/vomsdir/$vo/$server.lsc",
+ owner => root,
+ group => root,
+ mode => 644,
+ content => template("voms/lsc.erb"),
+ require => File["/etc/grid-security/vomsdir/${vo}"]
+ }
+ file{"vomses_$vo-$server":
+ path => "${vomsprefix}/${vo}-${server}",
+ owner => root,
+ group => root,
+ mode => 644,
+ content => template("voms/vomses.erb"),
+ require => File["${vomsprefix}"]
+ }
+}
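Review bot: The `mode` values in `voms::server` are bare numbers, and the three directories declared through `ensure_resource` get `0644`, which leaves them without an execute bit, so non-root users could not traverse `/etc/grid-security/vomsdir/${vo}` or the vomses directory. The two file resources use `mode => 644`. Puppet 4, for which the CHANGELOG claims support, rejects numeric file modes as far as I know, and manifests/install.pp in this same commit already quotes its modes. I would use `mode => '0755',` for the directories and `mode => '0644',` for the `.lsc` and vomses files. install.pp also declares `/etc/grid-security/vomsdir` with different attributes than the `ensure_resource` call here, which is likely to conflict when both end up in one catalog.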
diff --git a/manifests/sixt.pp b/manifests/sixt.pp
new file mode 100644
index 0000000..222eb0b
--- /dev/null
+++ b/manifests/sixt.pp
@@ -0,0 +1,30 @@
+# Class defining the vo.sixt.cern.ch VO, as seen by the VOMS service.
+#
+# Takes care of all the required setup to enable access to the vo.sixt.cern.ch VO
+# (users and services) in a grid enabled machine.
+#
+# == Examples
+#
+# Simply enable this class:
+# class{'voms::sixt':}
+#
+# == Authors
+#
+# CERN IT/GT/DMS
+# CERN IT/PS/PES
+
+#unfortunately the full VO name vo.sixt.cern.ch is not a valid class name...
+class voms::sixt {
+ voms::client{'vo.sixt.cern.ch':
+ servers => [{server => 'voms2.cern.ch',
+ port => '15005',
+ dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch',
+ ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority'
+ },
+ {server => 'lcg-voms2.cern.ch',
+ port => '15005',
+ dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch',
+ ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority'
+ }]
+ }
+}
diff --git a/manifests/skatelescope_eu.pp b/manifests/skatelescope_eu.pp
new file mode 100644
index 0000000..97b8578
--- /dev/null
+++ b/manifests/skatelescope_eu.pp
@@ -0,0 +1,24 @@
+class voms::skatelescope_eu {
+ voms::client{'skatelescope.eu':
+ servers => [
+ {
+ server => 'voms.gridpp.ac.uk',
+ port => '15512',
+ dn => '/C=UK/O=eScience/OU=Manchester/L=HEP/CN=voms.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms02.gridpp.ac.uk',
+ port => '15512',
+ dn => '/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms02.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms03.gridpp.ac.uk',
+ port => '15512',
+ dn => '/C=UK/O=eScience/OU=Imperial/L=Physics/CN=voms03.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ ]
+ }
+}
diff --git a/manifests/snoplus_snolab_ca.pp b/manifests/snoplus_snolab_ca.pp
new file mode 100644
index 0000000..fba94a1
--- /dev/null
+++ b/manifests/snoplus_snolab_ca.pp
@@ -0,0 +1,24 @@
+class voms::snoplus_snolab_ca {
+ voms::client{'snoplus.snolab.ca':
+ servers => [
+ {
+ server => 'voms.gridpp.ac.uk',
+ port => '15503',
+ dn => '/C=UK/O=eScience/OU=Manchester/L=HEP/CN=voms.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms02.gridpp.ac.uk',
+ port => '15503',
+ dn => '/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms02.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms03.gridpp.ac.uk',
+ port => '15503',
+ dn => '/C=UK/O=eScience/OU=Imperial/L=Physics/CN=voms03.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ ]
+ }
+}
diff --git a/manifests/solidexperiment_org.pp b/manifests/solidexperiment_org.pp
new file mode 100644
index 0000000..f16cc2f
--- /dev/null
+++ b/manifests/solidexperiment_org.pp
@@ -0,0 +1,24 @@
+class voms::solidexperiment_org {
+ voms::client{'solidexperiment.org':
+ servers => [
+ {
+ server => 'voms.gridpp.ac.uk',
+ port => '15513',
+ dn => '/C=UK/O=eScience/OU=Manchester/L=HEP/CN=voms.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms02.gridpp.ac.uk',
+ port => '15513',
+ dn => '/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms02.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms03.gridpp.ac.uk',
+ port => '15513',
+ dn => '/C=UK/O=eScience/OU=Imperial/L=Physics/CN=voms03.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ ]
+ }
+}
diff --git a/manifests/superbvo_org.pp b/manifests/superbvo_org.pp
new file mode 100644
index 0000000..303d268
--- /dev/null
+++ b/manifests/superbvo_org.pp
@@ -0,0 +1,18 @@
+class voms::superbvo_org {
+ voms::client{'superbvo.org':
+ servers => [
+ {
+ server => 'voms-02.pd.infn.it',
+ port => '15009',
+ dn => '/C=IT/O=INFN/OU=Host/L=Padova/CN=voms-02.pd.infn.it',
+ ca_dn => '/C=IT/O=INFN/CN=INFN CA',
+ },
+ {
+ server => 'voms2.cnaf.infn.it',
+ port => '15009',
+ dn => '/C=IT/O=INFN/OU=Host/L=CNAF/CN=voms2.cnaf.infn.it',
+ ca_dn => '/C=IT/O=INFN/CN=INFN CA',
+ },
+ ]
+ }
+}
diff --git a/manifests/t2k_org.pp b/manifests/t2k_org.pp
new file mode 100644
index 0000000..3e2f7b7
--- /dev/null
+++ b/manifests/t2k_org.pp
@@ -0,0 +1,24 @@
+class voms::t2k_org {
+ voms::client{'t2k.org':
+ servers => [
+ {
+ server => 'voms.gridpp.ac.uk',
+ port => '15003',
+ dn => '/C=UK/O=eScience/OU=Manchester/L=HEP/CN=voms.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms02.gridpp.ac.uk',
+ port => '15003',
+ dn => '/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms02.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms03.gridpp.ac.uk',
+ port => '15003',
+ dn => '/C=UK/O=eScience/OU=Imperial/L=Physics/CN=voms03.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ ]
+ }
+}
diff --git a/manifests/test.pp b/manifests/test.pp
new file mode 100644
index 0000000..08fecf2
--- /dev/null
+++ b/manifests/test.pp
@@ -0,0 +1,29 @@
+# Class defining the ALICE VO, as seen by the VOMS service.
+#
+# Takes care of all the required setup to enable access to the ALICE VO
+# (users and services) in a grid enabled machine.
+#
+# == Examples
+#
+# Simply enable this class:
+# class{'voms::alice':}
+#
+# == Authors
+#
+# CERN IT/GT/DMS
+# CERN IT/PS/PES
+
+class voms::test {
+ voms::client{'test':
+ servers => [{server => 'voms2.cern.ch',
+ port => '15001',
+ dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch',
+ ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority',
+ },
+ {server => 'lcg-voms2.cern.ch',
+ port => '15001',
+ dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch',
+ ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority',
+ }]
+ }
+}
diff --git a/manifests/unosat.pp b/manifests/unosat.pp
new file mode 100644
index 0000000..eb3b5d4
--- /dev/null
+++ b/manifests/unosat.pp
@@ -0,0 +1,29 @@
+# Class defining the unosat VO, as seen by the VOMS service.
+#
+# Takes care of all the required setup to enable access to the unosat VO
+# (users and services) in a grid enabled machine.
+#
+# == Examples
+#
+# Simply enable this class:
+# class{'voms::unosat':}
+#
+# == Authors
+#
+# CERN IT/GT/DMS
+# CERN IT/PS/PES
+
+class voms::unosat {
+ voms::client{'unosat':
+ servers => [{server => 'voms2.cern.ch',
+ port => '15006',
+ dn => '/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch',
+ ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority'
+ },
+ {server => 'lcg-voms2.cern.ch',
+ port => '15006',
+ dn => '/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch',
+ ca_dn => '/DC=ch/DC=cern/CN=CERN Grid Certification Authority'
+ }]
+ }
+}
diff --git a/manifests/vo_apc_univ_paris7_fr.pp b/manifests/vo_apc_univ_paris7_fr.pp
new file mode 100644
index 0000000..f01c28f
--- /dev/null
+++ b/manifests/vo_apc_univ_paris7_fr.pp
@@ -0,0 +1,12 @@
+class voms::vo_apc_univ_paris7_fr {
+ voms::client{'vo.apc.univ_paris7.fr':
+ servers => [
+ {
+ server => 'grid12.lal.in2p3.fr',
+ port => '20010',
+ dn => '/O=GRID-FR/C=FR/O=CNRS/OU=LAL/CN=grid12.lal.in2p3.fr',
+ ca_dn => '/C=FR/O=MENESR/OU=GRID-FR/CN=AC GRID-FR Services',
+ },
+ ]
+ }
+}
diff --git a/manifests/vo_cta_in2p3_fr.pp b/manifests/vo_cta_in2p3_fr.pp
new file mode 100644
index 0000000..1f4b16c
--- /dev/null
+++ b/manifests/vo_cta_in2p3_fr.pp
@@ -0,0 +1,12 @@
+class voms::vo_cta_in2p3_fr {
+ voms::client{'vo.cta.in2p3.fr':
+ servers => [
+ {
+ server => 'cclcgvomsli01.in2p3.fr',
+ port => '15008',
+ dn => '/O=GRID-FR/C=FR/O=CNRS/OU=CC-IN2P3/CN=cclcgvomsli01.in2p3.fr',
+ ca_dn => '/C=FR/O=MENESR/OU=GRID-FR/CN=AC GRID-FR Services',
+ },
+ ]
+ }
+}
diff --git a/manifests/vo_formation_idgrilles_fr.pp b/manifests/vo_formation_idgrilles_fr.pp
new file mode 100644
index 0000000..26264ab
--- /dev/null
+++ b/manifests/vo_formation_idgrilles_fr.pp
@@ -0,0 +1,12 @@
+class voms::vo_formation_idgrilles_fr {
+ voms::client{'vo.formation.idgrilles.fr':
+ servers => [
+ {
+ server => 'cclcgvomsli01.in2p3.fr',
+ port => '15012',
+ dn => '/O=GRID-FR/C=FR/O=CNRS/OU=CC-IN2P3/CN=cclcgvomsli01.in2p3.fr',
+ ca_dn => '/C=FR/O=MENESR/OU=GRID-FR/CN=AC GRID-FR Services',
+ },
+ ]
+ }
+}
diff --git a/manifests/vo_france_grilles_fr.pp b/manifests/vo_france_grilles_fr.pp
new file mode 100644
index 0000000..ea41f6a
--- /dev/null
+++ b/manifests/vo_france_grilles_fr.pp
@@ -0,0 +1,12 @@
+class voms::vo_france_grilles_fr {
+ voms::client{'vo.france-grilles.fr':
+ servers => [
+ {
+ server => 'cclcgvomsli01.in2p3.fr',
+ port => '15017',
+ dn => '/O=GRID-FR/C=FR/O=CNRS/OU=CC-IN2P3/CN=cclcgvomsli01.in2p3.fr',
+ ca_dn => '/C=FR/O=MENESR/OU=GRID-FR/CN=AC GRID-FR Services',
+ },
+ ]
+ }
+}
diff --git a/manifests/vo_grif_fr.pp b/manifests/vo_grif_fr.pp
new file mode 100644
index 0000000..4d0e729
--- /dev/null
+++ b/manifests/vo_grif_fr.pp
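Review bot: The VO name passed to `voms::client` in manifests/vo_apc_univ_paris7_fr.pp is `'vo.apc.univ_paris7.fr'`, with an underscore, while the other classes in this commit keep the hyphen in the resource title and replace it only in the class name (`voms::vo_france_grilles_fr` declares `'vo.france-grilles.fr'`). The title looks as if it was derived from the class name by mistake. If the VO is registered as `vo.apc.univ-paris7.fr`, the vomsdir directory and vomses entry generated for it would not match the VO name that clients and services use. The line would then read `voms::client{'vo.apc.univ-paris7.fr':`; this should be confirmed against the VO's registration.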
@@ -0,0 +1,12 @@
+class voms::vo_grif_fr {
+ voms::client{'vo.grif.fr':
+ servers => [
+ {
+ server => 'grid12.lal.in2p3.fr',
+ port => '20001',
+ dn => '/O=GRID-FR/C=FR/O=CNRS/OU=LAL/CN=grid12.lal.in2p3.fr',
+ ca_dn => '/C=FR/O=MENESR/OU=GRID-FR/CN=AC GRID-FR Services',
+ },
+ ]
+ }
+}
diff --git a/manifests/vo_hess_experiment_eu.pp b/manifests/vo_hess_experiment_eu.pp
new file mode 100644
index 0000000..5d5f983
--- /dev/null
+++ b/manifests/vo_hess_experiment_eu.pp
@@ -0,0 +1,12 @@
+class voms::vo_hess_experiment_eu {
+ voms::client{'vo.hess-experiment.eu':
+ servers => [
+ {
+ server => 'grid12.lal.in2p3.fr',
+ port => '20021',
+ dn => '/O=GRID-FR/C=FR/O=CNRS/OU=LAL/CN=grid12.lal.in2p3.fr',
+ ca_dn => '/C=FR/O=MENESR/OU=GRID-FR/CN=AC GRID-FR Services',
+ },
+ ]
+ }
+}
diff --git a/manifests/vo_ipno_in2p3_fr.pp b/manifests/vo_ipno_in2p3_fr.pp
new file mode 100644
index 0000000..9f68c6e
--- /dev/null
+++ b/manifests/vo_ipno_in2p3_fr.pp
@@ -0,0 +1,12 @@
+class voms::vo_ipno_in2p3_fr {
+ voms::client{'vo.ipno.in2p3.fr':
+ servers => [
+ {
+ server => 'grid12.lal.in2p3.fr',
+ port => '20003',
+ dn => '/O=GRID-FR/C=FR/O=CNRS/OU=LAL/CN=grid12.lal.in2p3.fr',
+ ca_dn => '/C=FR/O=MENESR/OU=GRID-FR/CN=AC GRID-FR Services',
+ },
+ ]
+ }
+}
diff --git a/manifests/vo_irfu_cea_fr.pp b/manifests/vo_irfu_cea_fr.pp
new file mode 100644
index 0000000..50bd9a9
--- /dev/null
+++ b/manifests/vo_irfu_cea_fr.pp
@@ -0,0 +1,12 @@
+class voms::vo_irfu_cea_fr {
+ voms::client{'vo.irfu.cea.fr':
+ servers => [
+ {
+ server => 'grid12.lal.in2p3.fr',
+ port => '20014',
+ dn => '/O=GRID-FR/C=FR/O=CNRS/OU=LAL/CN=grid12.lal.in2p3.fr',
+ ca_dn => '/C=FR/O=MENESR/OU=GRID-FR/CN=AC GRID-FR Services',
+ },
+ ]
+ }
+}
diff --git a/manifests/vo_lal_in2p3_fr.pp b/manifests/vo_lal_in2p3_fr.pp
new file mode 100644
index 0000000..690594c
--- /dev/null
+++ b/manifests/vo_lal_in2p3_fr.pp
@@ -0,0 +1,12 @@
+class voms::vo_lal_in2p3_fr {
+ voms::client{'vo.lal.in2p3.fr':
+ servers => [
+ {
+ server => 'grid12.lal.in2p3.fr',
+ port => '20000',
+ dn => '/O=GRID-FR/C=FR/O=CNRS/OU=LAL/CN=grid12.lal.in2p3.fr',
+ ca_dn => '/C=FR/O=MENESR/OU=GRID-FR/CN=AC GRID-FR Services',
+ },
+ ]
+ }
+}
diff --git a/manifests/vo_landslides_mossaic_org.pp b/manifests/vo_landslides_mossaic_org.pp
new file mode 100644
index 0000000..307a6ac
--- /dev/null
+++ b/manifests/vo_landslides_mossaic_org.pp
@@ -0,0 +1,24 @@
+class voms::vo_landslides_mossaic_org {
+ voms::client{'vo.landslides.mossaic.org':
+ servers => [
+ {
+ server => 'voms.gridpp.ac.uk',
+ port => '15502',
+ dn => '/C=UK/O=eScience/OU=Manchester/L=HEP/CN=voms.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms02.gridpp.ac.uk',
+ port => '15502',
+ dn => '/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms02.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms03.gridpp.ac.uk',
+ port => '15502',
+ dn => '/C=UK/O=eScience/OU=Imperial/L=Physics/CN=voms03.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ ]
+ }
+}
diff --git a/manifests/vo_llr_in2p3_fr.pp b/manifests/vo_llr_in2p3_fr.pp
new file mode 100644
index 0000000..d6a3c6a
--- /dev/null
+++ b/manifests/vo_llr_in2p3_fr.pp
@@ -0,0 +1,12 @@
+class voms::vo_llr_in2p3_fr {
+ voms::client{'vo.llr.in2p3.fr':
+ servers => [
+ {
+ server => 'grid12.lal.in2p3.fr',
+ port => '20007',
+ dn => '/O=GRID-FR/C=FR/O=CNRS/OU=LAL/CN=grid12.lal.in2p3.fr',
+ ca_dn => '/C=FR/O=MENESR/OU=GRID-FR/CN=AC GRID-FR Services',
+ },
+ ]
+ }
+}
diff --git a/manifests/vo_lpnhe_in2p3_fr.pp b/manifests/vo_lpnhe_in2p3_fr.pp
new file mode 100644
index 0000000..11ad8de
--- /dev/null
+++ b/manifests/vo_lpnhe_in2p3_fr.pp
@@ -0,0 +1,12 @@
+class voms::vo_lpnhe_in2p3_fr {
+ voms::client{'vo.lpnhe.in2p3.fr':
+ servers => [
+ {
+ server => 'grid12.lal.in2p3.fr',
+ port => '20008',
+ dn => '/O=GRID-FR/C=FR/O=CNRS/OU=LAL/CN=grid12.lal.in2p3.fr',
+ ca_dn => '/C=FR/O=MENESR/OU=GRID-FR/CN=AC GRID-FR Services',
+ },
+ ]
+ }
+}
diff --git a/manifests/vo_neugrid_eu.pp b/manifests/vo_neugrid_eu.pp
new file mode 100644
index 0000000..c5f1166
--- /dev/null
+++ b/manifests/vo_neugrid_eu.pp
@@ -0,0 +1,12 @@
+class voms::vo_neugrid_eu {
+ voms::client{'vo.neugrid.eu':
+ servers => [
+ {
+ server => 'voms.gnubila.fr',
+ port => '15001',
+ dn => '/O=GRID-FR/C=FR/O=MAATG/CN=voms.gnubila.fr',
+ ca_dn => '/C=FR/O=MENESR/OU=GRID-FR/CN=AC GRID-FR Services',
+ },
+ ]
+ }
+}
diff --git a/manifests/vo_southgrid_ac_uk.pp b/manifests/vo_southgrid_ac_uk.pp
new file mode 100644
index 0000000..b43a3b3
--- /dev/null
+++ b/manifests/vo_southgrid_ac_uk.pp
@@ -0,0 +1,24 @@
+class voms::vo_southgrid_ac_uk {
+ voms::client{'vo.southgrid.ac.uk':
+ servers => [
+ {
+ server => 'voms.gridpp.ac.uk',
+ port => '15019',
+ dn => '/C=UK/O=eScience/OU=Manchester/L=HEP/CN=voms.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms02.gridpp.ac.uk',
+ port => '15019',
+ dn => '/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms02.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ {
+ server => 'voms03.gridpp.ac.uk',
+ port => '15019',
+ dn => '/C=UK/O=eScience/OU=Imperial/L=Physics/CN=voms03.gridpp.ac.uk',
+ ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK e-Science CA 2B',
+ },
+ ]
+ }
+}
diff --git a/manifests/zeus.pp b/manifests/zeus.pp
new file mode 100644
index 0000000..9f5f959
--- /dev/null
+++ b/manifests/zeus.pp
@@ -0,0 +1,12 @@ +class voms::zeus { + voms::client{'zeus': + servers => [ + { + server => 'grid-voms.desy.de', + port => '15112', + dn => '/C=DE/O=GermanGrid/OU=DESY/CN=host/grid-voms.desy.de', + ca_dn => '/C=DE/O=GermanGrid/CN=GridKa-CA', + }, + ] + } +} diff --git a/metadata.json b/metadata.json new file mode 100644 index 0000000..fe76d91 --- /dev/null +++ b/metadata.json @@ -0,0 +1,19 @@ +{ + "author": "CERNOps", + "dependencies": [ + { + "name": "puppetlabs/stdlib", + "version_requirement": "\u003e\u003d 2.0.0" + } + ], + "description": "This modules provides classes and definitions required to manage and properly configure a gLite service or client supporting authorization using the gLite Virtual Organization Membership Service (VOMS).", + "license": "Apache-2.0", + "name": "lcgdm-voms", + "operatingsystem_support": [], + "project_page": "https://github.com/hep-puppet/puppet-voms", + "requirements": [], + "source": "https://github.com/hep-puppet/puppet-voms", + "summary": "Resources for managing a gLite Virtual Organization Membership Service (VOMS) client and server installation'", + "tags": [], + "version": "0.3.3" +} diff --git a/templates/lsc.erb b/templates/lsc.erb new file mode 100644 index 0000000..f58cf1c --- /dev/null +++ b/templates/lsc.erb @@ -0,0 +1,2 @@ +<%= dn %> +<%= ca_dn %> diff --git a/templates/server.xml.erb b/templates/server.xml.erb deleted file mode 100644 index dc8e9d2..0000000 --- a/templates/server.xml.erb +++ /dev/null @@ -1,21 +0,0 @@ - - - - - - - - - - - diff --git a/templates/tomcat6.conf.erb b/templates/tomcat6.conf.erb deleted file mode 100644 index 73d95b3..0000000 --- a/templates/tomcat6.conf.erb +++ /dev/null 
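Review bot: templates/lsc.erb reads `dn` and `ca_dn` without the `@` prefix, unlike the other templates touched by this commit (`<%= @vo %>`, `<%= @passfile %>`); templates/vomses.erb further down does the same for `vo`, `server`, `port` and `dn`. Bare variable access in ERB was deprecated in Puppet 3 and, as far as I know, no longer resolves in Puppet 4, so the `.lsc` files that pin the trusted server and CA subjects may fail to render. The two lines should read `<%= @dn %>` and `<%= @ca_dn %>`. The usage example in manifests/server.pp also passes `dn` and `ca_dn` as one-element arrays, which this template would probably print in array form rather than as a bare DN; that is worth confirming.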
@@ -1,53 +0,0 @@ -# File maintained with puppet. -# - -# Where your java installation lives -JAVA_HOME="/usr/lib/jvm/jre" - -# Where your tomcat installation lives -CATALINA_BASE="/usr/share/tomcat6" -CATALINA_HOME="/usr/share/tomcat6" -JASPER_HOME="/usr/share/tomcat6" -CATALINA_TMPDIR="/var/cache/tomcat6/temp" - -# You can pass some parameters to java here if you wish to -#JAVA_OPTS="-Xminf0.1 -Xmaxf0.3" - -# Use JAVA_OPTS to set java.library.path for libtcnative.so -#JAVA_OPTS="-Djava.library.path=/usr/lib" - -# Cannot resolve user database reference - naming-factory-dbcp -# the real problem is a cnfe that is avoided by configuring -# the -Djavax.sql.DataSource.Factory. This fixes the rpm install. -JAVA_OPTS="${JAVA_OPTS} -Djavax.sql.DataSource.Factory=org.apache.commons.dbcp.BasicDataSourceFactory" - -# What user should run tomcat -TOMCAT_USER="tomcat" - -# You can change your tomcat locale here -#LANG="en_US" - -# Run tomcat under the Java Security Manager -SECURITY_MANAGER="false" - -# Time to wait in seconds, before killing process -SHUTDOWN_WAIT="30" - -# Whether to annoy the user with "attempting to shut down" messages or not -SHUTDOWN_VERBOSE=false - -# Set the TOMCAT_PID location -CATALINA_PID="/var/run/tomcat6.pid" - -# Connector port is 8080 for this tomcat6 instance -#CONNECTOR_PORT="8080" - -# If you wish to further customize your tomcat environment, -# put your own definitions here -# (i.e. LD_LIBRARY_PATH for some jdbc drivers) - -JAVA_ENDORSED_DIRS="$JAVA_ENDORSED_DIRS:/usr/share/voms-admin/endorsed" - -CATALINA_OPTS="-Xmx<%= @memsize %>M -server -Dsun.net.client.defaultReadTimeout=240000 -XX:MaxPermSize=<%= @permsize %>m" - - diff --git a/templates/voms-admin-add-admin.sh.erb b/templates/voms-admin-add-admin.sh.erb index a238476..c7e4d6f 100644 --- a/templates/voms-admin-add-admin.sh.erb +++ b/templates/voms-admin-add-admin.sh.erb 
@@ -2,8 +2,8 @@ # # Script generated by puppet for VO <%= @vo %> # -[ -f /tmp/usercert.pem ] || echo "Put the usercert to be added as /tmp/usercert.pem" && exit +[ -f /tmp/usercert.pem ] || ( echo "Put the usercert to be added as /tmp/usercert.pem" && exit) -/usr/sbin/voms-db-deploy.py add-admin --vo <%= @vo %> --cert /tmp/usercert.pem +voms-admin --vo <%= @vo %> create-user /tmp/usercert.pem assign-role VO VO-admin /tmp/usercert.pem diff --git a/templates/voms-admin-create.sh.erb b/templates/voms-admin-create.sh.erb index 0fd8847..0b95070 100644 --- a/templates/voms-admin-create.sh.erb +++ b/templates/voms-admin-create.sh.erb @@ -3,22 +3,29 @@ # This script was created by puppet for creatig schema # voms-admin for the VO <%= @vo %>. -/usr/sbin/voms-admin-configure install \ +/usr/sbin/voms-configure install \ --vo <%= @vo %> \ --skip-voms-core \ - --port <%= @port %> \ + --core-port <%= @port %> \ --deploy-database \ --dbtype mysql \ --dbusername <%= @sqlusername %> \ - --dbpassword <%= @sqlpwd %> \ + --dbpassword `cat <%= @passfile %>` \ --dbname <%= @sqldbname %> \ --dbhost <%= @sqlhost %> \ --dbport <%= @sqlport %> \ --mail-from <%= @mailfrom %> \ --smtp-host <%= @mailsmtp %> \ + --csrf-log-only \ <% if @read_access_for_authenticated_clients -%> --read-access-for-authenticated-clients \ <% end -%> +<% if @disable_registration -%> + --disable-registration \ +<% end -%> +<% if @disable_notification -%> + --disable-notification \ +<% end -%> <% if @disable_webui_requests -%> --disable-webui-requests @disable_webui_requests \ <% end -%> diff --git a/templates/voms-admin-install.sh.erb b/templates/voms-admin-install.sh.erb index 0044c6e..e308e7a 100644 --- a/templates/voms-admin-install.sh.erb +++ b/templates/voms-admin-install.sh.erb 
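Review bot: The `exit` in the new guard of voms-admin-add-admin.sh.erb runs inside a `( … )` subshell, so when `/tmp/usercert.pem` is missing the message is printed and the script still continues to the `voms-admin … create-user` line. Braces keep the exit in the current shell: `[ -f /tmp/usercert.pem ] || { echo "Put the usercert to be added as /tmp/usercert.pem"; exit 1; }`. Separately, the certificate that receives the VO-admin role is read from a fixed name in a world-writable directory, so any local account can place or pre-create that file. A path in a directory only root can write to would be safer.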
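Review bot: The new `--dbpassword` line in voms-admin-create.sh.erb uses an unquoted backtick substitution of `cat <%= @passfile %>`, so a password containing whitespace or glob characters is split or expanded before `voms-configure` sees it, and an unreadable passfile leaves the option without a value. I would write `--dbpassword "$(cat <%= @passfile %>)" \`. The same line is added in voms-admin-install.sh.erb, voms-admin-remove.sh.erb and voms-admin-upgrade.sh.erb. The password is still handed over as a command-line argument, where it is presumably visible in the process list while the command runs; if `voms-configure` can take it another way, that would be preferable.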
@@ -3,26 +3,29 @@
 # This script was created by puppet for installing
 # voms-admin for the VO <%= @vo %>.
-/usr/sbin/voms-admin-configure install \
+/usr/sbin/voms-configure install \
 --vo <%= @vo %> \
 --skip-database \
 --skip-voms-core \
- --port <%= @port %> \
+ --core-port <%= @port %> \
 --dbtype mysql \
 --dbusername <%= @sqlusername %> \
- --dbpassword <%= @sqlpwd %> \
+ --dbpassword `cat <%= @passfile %>` \
 --dbname <%= @sqldbname %> \
 --dbhost <%= @sqlhost %> \
 --dbport <%= @sqlport %> \
 --mail-from <%= @mailfrom %> \
 --smtp-host <%= @mailsmtp %> \
+ --csrf-log-only \
 <% if @read_access_for_authenticated_clients -%>
 --read-access-for-authenticated-clients \
 <% end -%>
-<% if @disable_webui_requests -%>
- --disable-webui-requests @disable_webui_requests \
+<% if @disable_registration -%>
+ --disable-registration \
+<% end -%>
+<% if @disable_notification -%>
+ --disable-notification \
 <% end -%>
-
 <% if @vo_aup_url -%>
 --vo-aup-url @vo_aup_url \
 <% end -%>
@@ -35,5 +38,3 @@
 <% if @aa_key -%>
 --saml-max-assertion-lifetime @saml_max_assertion_lifetime \
 <% end -%>
-
-
diff --git a/templates/voms-admin-remove.sh.erb b/templates/voms-admin-remove.sh.erb
index db73f65..b57880d 100644
--- a/templates/voms-admin-remove.sh.erb
+++ b/templates/voms-admin-remove.sh.erb
@@ -3,13 +3,13 @@
 # This script was created by puppet for removing
 # voms-admin for the VO <%= @vo %>.
-/usr/sbin/voms-admin-configure remove \
+/usr/sbin/voms-configure remove \
 --vo <%= @vo %> \
 --skip-voms-core \
- --port <%= @port %> \
+ --core-port <%= @port %> \
 --dbtype mysql \
 --dbusername <%= @sqlusername %> \
- --dbpassword <%= @sqlpwd %> \
+ --dbpassword `cat <%= @passfile %>` \
 --dbname <%= @sqldbname %> \
 --dbhost <%= @sqlhost %> \
 --dbport <%= @sqlport %> \
diff --git a/templates/voms-admin-upgrade.sh.erb b/templates/voms-admin-upgrade.sh.erb
index 653b116..1b2b168 100644
--- a/templates/voms-admin-upgrade.sh.erb
+++ b/templates/voms-admin-upgrade.sh.erb
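Review bot: `--csrf-log-only` is added unconditionally in templates/voms-admin-install.sh.erb (and in voms-admin-create.sh.erb), while the neighbouring switches are each wrapped in `<% if … -%>`. Judging by its name the flag makes the CSRF guard log rather than reject, which is a weaker setting to impose on every VO. I would put it behind a new boolean parameter that defaults to off, rendered as `<% if @csrf_log_only -%>` … `<% end -%>` (parameter name is only a suggestion), and say in the commit message why it is needed. Not introduced by this change but visible in the context lines: `--vo-aup-url @vo_aup_url \` passes the literal text instead of `<%= @vo_aup_url %>`.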
@@ -3,13 +3,13 @@
 # This script was created by puppet for upgrading
 # voms-admin for the VO <%= @vo %>.
-/usr/sbin/voms-admin-configure upgrade \
+/usr/sbin/voms-configure upgrade \
 --vo <%= @vo %> \
 --skip-voms-core \
- --port <%= @port %> \
+ --core-port <%= @port %> \
 --dbtype mysql \
 --dbusername <%= @sqlusername %> \
- --dbpassword <%= @sqlpwd %> \
+ --dbpassword `cat <%= @passfile %>` \
 --dbname <%= @sqldbname %> \
 --dbhost <%= @sqlhost %> \
 --dbport <%= @sqlport %> \
diff --git a/templates/voms.conf.erb b/templates/voms.conf.erb
index ced6c97..cf55f3e 100644
--- a/templates/voms.conf.erb
+++ b/templates/voms.conf.erb
@@ -8,7 +8,7 @@
 --timeout=<%= @vomstimeout %>
 --logmax=500000000
 --logfile=/var/log/voms/<%= @vo %>.log
---passfile=/etc/voms/<%= @vo %>/voms.pass
+--passfile=<%= @passfile %>
 <% if @architecture == "x86_64" -%>
 --sqlloc=/usr/lib64/voms/libvomsmysql.so
 <% else -%>
@@ -18,3 +18,4 @@
 --mysql-port=<%= @sqlport %>
 --username=<%= @sqlusername %>
 --contactstring=<%= @sqlhost %>
+--max-reqs=<%= @maxreqs %>
diff --git a/templates/vomses.erb b/templates/vomses.erb
new file mode 100644
index 0000000..8aee676
--- /dev/null
+++ b/templates/vomses.erb
@@ -0,0 +1 @@
+"<%= vo %>" "<%= server %>" "<%= port %>" "<%= dn %>" "<%= vo %>" "24"
diff --git a/tests/init.pp b/tests/init.pp
index 58f8a78..5227a83 100644
--- a/tests/init.pp
+++ b/tests/init.pp
@@ -1 +1 @@
-include voms
+include voms
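Review bot: `--max-reqs=<%= @maxreqs %>` in templates/voms.conf.erb is rendered whether or not the parameter has a value, so if `@maxreqs` can be undef the file ends up with a bare `--max-reqs=`. The manifest is not part of this hunk, so either confirm it supplies a default or wrap the line in `<% if @maxreqs -%>` … `<% end -%>`. The `--passfile=<%= @passfile %>` line in the preceding hunk depends on the manifest in the same way, and the file it names should be readable only by the account the voms service runs as.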
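Review bot: templates/vomses.erb reads `vo`, `server`, `port` and `dn` as bare names, while every other template in this change uses instance variables such as `<%= @vo %>`. As far as I know, bare-name lookup of Puppet variables in ERB was deprecated in Puppet 3 and is gone in Puppet 4, which the CHANGELOG says this module supports. Unless these are Ruby locals set by whatever renders the template, the line should read `"<%= @vo %>" "<%= @server %>" "<%= @port %>" "<%= @dn %>" "<%= @vo %>" "24"`.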