From: wengang wang <wen.gang.wang@oracle.com>
To: Ian Kent <raven@themaw.net>
Cc: autofs@linux.kernel.org
Subject: Re: basedn in /etc/sysconfig/autofs
Date: Thu, 06 Sep 2007 10:01:11 +0800
Message-ID: <46DF5F67.7030901@oracle.com>
In-Reply-To: <1188994602.3119.5.camel@raven.themaw.net>


Hi Ian,

Here are the exchanges:

**** PLAKDAWA 
<https://bug.oraclecorp.com/pls/bug/WEBBUG_EDIT.User_Profile?p_username=PLAKDAWA> 
<mailto:porus.lakdawala@oracle.com?subject=Bug%23%206315017%20-%20BASEDN%20NO%20LONGER%20AVAILABLE%20TO%20SET%20FOR%20AUTOFS%20WITH%20LDAP&body=Bug%23%20%3Ca%20href=http://bug.us.oracle.com/pls/bug/webbug_print.show?c_rptno=6315017%3E6315017%3C/a%3E%20-%20BASEDN%20NO%20LONGER%20AVAILABLE%20TO%20SET%20FOR%20AUTOFS%20WITH%20LDAP> 
07/31/07 04:41 pm ****
In RHEL4 it was possible to set a "basedn" variable in the
/etc/sysconfig/autofs file which served as a basedn for LDAP lookups
performed by the automounter.

However, this has been removed in RHEL5.

This functionality is critical for us because we separate automounter maps by
region, but look up accounts and groups in the entire directory. So different
basedn are required for each of these lookups.

Can this functionality please be restored?

Thank you.
**** BBARBE 08/01/07 03:58 am ****
@ BASEDN was introduced in the following errata
@ http://rhn.redhat.com/errata/RHBA-2006-0464.html
@ It is present in Update 4 and up
**** PLAKDAWA 08/13/07 10:47 am ****
We set the autofs basedn using /etc/sysconfig/autofs.

We do not use /etc/openldap/ldap.conf because this file is automatically
edited by the redhat config tools authconfig and
system-config-authentication. These tools set up identical basedn entries for
the two files /etc/ldap.conf and /etc/openldap/ldap.conf.

The /etc/sysconfig/autofs settings for us in RHEL AS4 are as follows:

[porus@rattlebag ~]$ cat /etc/sysconfig/autofs
# Define custom options in /etc/sysconfig/autofs
# Use LOCALOPTIONS for defining variables, e.g. OSREL
# Use DAEMONOPTIONS to define the unmount timeout
# Define UNDERSCORETODOT as 1 to convert
#     auto_home to auto.home and auto_mnt to auto.mnt
# Mount options, e.g. rsize=8192, should go in auto.master or
#     the auto_* map entry for a specific mount point
#
LOCALOPTIONS=""
DAEMONOPTIONS="--timeout=60"
LDAPAUTOMASTER=""
#  UNDERSCORETODOT changes auto_home to auto.home and auto_mnt to auto.mnt
UNDERSCORETODOT=1
DISABLE_DIRECT=1
# Only source one master map if set to 1.  This would mimic Sun behaviour.
# The default is 0 to maintain backwards compatibility.
ONE_AUTO_MASTER=0
# List of directories to be ghosted, separated by white space.
GHOSTDIRS=""
# Base DN to use when searching for the master map
BASEDN=ou=sc,ou=ca,ou=na,dc=hyperion,dc=com

**** PLAKDAWA 08/14/07 02:06 pm ****
Just to give you a little more information: Our automount schema is based on
the "automountmapname", "automountkey" and "automountinformation" attributes.
This works properly with the relevant settings in the /etc/sysconfig/autofs
file on RHEL5 if the basedn is set manually in the /etc/openldap/ldap.conf
file. However, since the openldap/ldap.conf file can be used by other
applications, we don't want our automounter's basedn to depend on this.

The LDAP attributes of the automount maps are as shown below:

[porus@rattlebag ~]$ ldapsearch -LLL -x -b "ou=sc,ou=ca,ou=na,dc=hyperion,dc=com" "automountmapname=auto_nfshome"
dn: automountMapName=auto_nfshome,ou=sc,ou=ca,ou=na,dc=hyperion,dc=com
objectClass: top
objectClass: automountMap
automountMapName: auto_nfshome
 
[porus@rattlebag ~]$ ldapsearch -LLL -x -b "automountmapname=auto_nfshome,ou=sc,ou=ca,ou=na,dc=hyperion,dc=com" "automountkey=plakdawa"
dn: automountkey=plakdawa,automountMapName=auto_nfshome,ou=sc,ou=ca,ou=na,dc=h
 yperion,dc=com
automountInformation: scfs3:/vol/vol2/homes/&
automountKey: plakdawa
objectClass: top
objectClass: automount
**** PLAKDAWA 08/14/07 02:12 pm ****
I am not certain if the lab server will be reachable from your subnets. We
are part of hyperion (was recently acquired by Oracle). Please try the
@ following IP address

@ Name:   labldap02.hyperion.com
Address: 172.27.33.46

The LDAP basedn for all account lookups is "dc=hyperion,dc=com".

The LDAP basedn for automount lookups is
"ou=sc,ou=ca,ou=na,dc=hyperion,dc=com"
**** WWG 08/15/07 12:34 am ****
@ Yes, as you said, BASEDN set in /etc/sysconfig/autofs doesn't work.
@ However, you can specify the auto master entry by adding one line to
@ /etc/sysconfig/autofs:
@ DEFAULT_MASTER_MAP_NAME="//172.27.33.46/automountmapname=auto_nfshome,ou=sc,ou=ca,ou=na,dc=hyperion,dc=com"
**** PLAKDAWA 08/20/07 11:46 am ****
We have multiple automount maps in ou=sc,ou=ca,ou=na,dc=hyperion,dc=com.

So should the DEFAULT_MASTER_MAP_NAME be set to the auto.master map?

[porus@rattlebag ~]$ ldapsearch -LLL -x -b "ou=sc,ou=ca,ou=na,dc=hyperion,dc=com" "objectclass=automountmap"
dn: automountMapName=auto_automnt,ou=sc,ou=ca,ou=na,dc=hyperion,dc=com
automountMapName: auto_automnt
objectClass: top
objectClass: automountMap

dn: automountMapName=auto_master,ou=sc,ou=ca,ou=na,dc=hyperion,dc=com
automountMapName: auto_master
objectClass: top
objectClass: automountMap

dn: automountMapName=auto.master,ou=sc,ou=ca,ou=na,dc=hyperion,dc=com
automountMapName: auto.master
objectClass: top
objectClass: automountMap

dn: automountMapName=auto_scfs3,ou=sc,ou=ca,ou=na,dc=hyperion,dc=com
objectClass: top
objectClass: automountMap
automountMapName: auto_scfs3

dn: automountMapName=auto_scfs4,ou=sc,ou=ca,ou=na,dc=hyperion,dc=com
objectClass: top
objectClass: automountMap
automountMapName: auto_scfs4

dn: automountMapName=auto_nar200,ou=sc,ou=ca,ou=na,dc=hyperion,dc=com
objectClass: top
objectClass: automountMap
automountMapName: auto_nar200

dn: automountMapName=auto_nfshome,ou=sc,ou=ca,ou=na,dc=hyperion,dc=com
objectClass: top
objectClass: automountMap
automountMapName: auto_nfshome

dn: automountMapName=auto_products,ou=sc,ou=ca,ou=na,dc=hyperion,dc=com
objectClass: top
objectClass: automountMap
automountMapName: auto_products
**** PLAKDAWA 08/20/07 11:51 am ****
The other issue with the DEFAULT_MASTER_MAP_NAME is that providing the full
URL will prevent the failover to the secondary LDAP server should the one
mentioned in the URL fail. Or is it possible to add secondary entries?

over.

thanks
wengang.

Ian Kent wrote:
> On Wed, 2007-09-05 at 10:15 +0800, wengang wang wrote:
>   
>> Hi,
>> A customer complained that:
>> //<==
>> In RHEL4 it was possible to set a "basedn" variable in the
>> /etc/sysconfig/autofs file which served as a basedn for LDAP lookups
>> performed by the automounter.
>>
>> However, this has been removed in RHEL5.
>> //<==
>> It is true that setting it in /etc/openldap/ldap.conf is an alternative, 
>>     
>
> No.
>
>   
>> the customer doesn't want to do that because /etc/openldap/ldap.conf is
>> automatically edited by the redhat config tools authconfig and
>> system-config-authentication.
>> So I want to know why the basedn was removed from
>> /etc/sysconfig/autofs.  I checked all the change logs and readmes in
>> autofs-5.0.1, but didn't find basedn mentioned.
>>     
>
> In version 5 the base dn is calculated, depending on how you specify the
> map.
>
> Describe the problem and I'll try and give a sensible answer.
>
> Ian
>
>
>   

-- 
Wengang Wang
Member of Technical Staff
Oracle Asia R&D Center
Open Source Technologies Development

Tel:      +86 10 8278 6265
Mobile:   +86 13381078925

