Autofs & LDAP

Autofs & LDAP

[Jeff Largent]

On Redhat 7.3 with openldap-servers-2.0.27-2.7.3, and autofs-3.1.7-28. I have a
working autofs/ldap configuration.

dn: ou=auto.master,dc=il,dc=com
ou: auto.master
objectClass: top
objectClass: automountMap

dn: cn=/opt,ou=auto.master,dc=il,dc=com
objectClass: automount
cn: /opt
automountInformation: ldap:ldap.il.com:ou=auto.opt,dc=imagelinks,dc=com

dn: cn=bin,ou=auto.opt,dc=il,dc=com
objectClass: automount
cn: bin
automountInformation: -ro bserv.il.com:/export/Linux-2/opt/bin

The same maps on Fedora core 1 with openldap-servers-2.1.22-8, and 
autofs-3.1.7-42 refuse to work.

This is what I see in the logs:
automount[13734]: starting automounter version 3.1.7, path = /cm, maptype = 
ldap, mapname = ldap.il.com:ou=auto.cm,dc=il,dc=com

if I put a space between the : after the ldap hostname and the dn auto fs 
reconizes the automount but then fails on the lookup.
automount[8400]: lookup(ldap): query failed for (&(objectclass=automount)(cn=opt))

a ldapsearch -x "(&(objectclass=automount)(cn=opt))" returns the proper map.

Any suggestions??
In slapd.conf I have "allow bind_v2"



-- 
Jeff Largent                   ImageLinks, Inc.

Re: Autofs & LDAP

[Jeff Largent]

FYI:
   I found the problem, with openldap 2.1 you have to allow bind_anon_dn
for autofs to work.



Jeff Largent wrote:
> On Redhat 7.3 with openldap-servers-2.0.27-2.7.3, and autofs-3.1.7-28. I 
> have a
> working autofs/ldap configuration.
> 
> dn: ou=auto.master,dc=il,dc=com
> ou: auto.master
> objectClass: top
> objectClass: automountMap
> 
> dn: cn=/opt,ou=auto.master,dc=il,dc=com
> objectClass: automount
> cn: /opt
> automountInformation: ldap:ldap.il.com:ou=auto.opt,dc=imagelinks,dc=com
> 
> dn: cn=bin,ou=auto.opt,dc=il,dc=com
> objectClass: automount
> cn: bin
> automountInformation: -ro bserv.il.com:/export/Linux-2/opt/bin
> 
> The same maps on Fedora core 1 with openldap-servers-2.1.22-8, and 
> autofs-3.1.7-42 refuse to work.
> 
> This is what I see in the logs:
> automount[13734]: starting automounter version 3.1.7, path = /cm, 
> maptype = ldap, mapname = ldap.il.com:ou=auto.cm,dc=il,dc=com
> 
> if I put a space between the : after the ldap hostname and the dn auto 
> fs reconizes the automount but then fails on the lookup.
> automount[8400]: lookup(ldap): query failed for 
> (&(objectclass=automount)(cn=opt))
> 
> a ldapsearch -x "(&(objectclass=automount)(cn=opt))" returns the proper 
> map.
> 
> Any suggestions??
> In slapd.conf I have "allow bind_v2"
> 
> 
> 

-- 
Jeff Largent                   ImageLinks, Inc.

autofs+LDAP

[Mikel Jimenez]

Hello Guys

I have a OpenLDAP server with user accounts. Actually, i autheticate my 
LAN machines to LDAP server and ALL OK.

I want that:

EXAMPLE:
day 1:
user1 login in machine1 and I want to mount via NFS, the home of this 
user, that is in another storage server

day 2: user 1 login in machine6 and I want to mount via NFS, the home of 
this user, that is in another storage server


I want to have all users homes, in a centralized storage server, and 
give the posibility to users to login in any machine of the LAN, and 
have they home directory mounted automaticaly.

Is that posible with autofs+LDAP?

THANKS

Re: autofs+LDAP

[Ian Kent]

On Sun, 2008-09-21 at 23:40 +0200, Mikel Jimenez wrote:
> Hello Guys
> 
> I have a OpenLDAP server with user accounts. Actually, i autheticate my 
> LAN machines to LDAP server and ALL OK.
> 
> I want that:
> 
> EXAMPLE:
> day 1:
> user1 login in machine1 and I want to mount via NFS, the home of this 
> user, that is in another storage server
> 
> day 2: user 1 login in machine6 and I want to mount via NFS, the home of 
> this user, that is in another storage server
> 
> 
> I want to have all users homes, in a centralized storage server, and 
> give the posibility to users to login in any machine of the LAN, and 
> have they home directory mounted automaticaly.
> 
> Is that posible with autofs+LDAP?

Basically yes, but there are a number of decisions about how this might
be setup at your site that don't relate specifically to autofs.

Ian

Re: autofs+LDAP

[Mikel Jimenez]

Ian Kent escribió:
> On Sun, 2008-09-21 at 23:40 +0200, Mikel Jimenez wrote:
>   
>> Hello Guys
>>
>> I have a OpenLDAP server with user accounts. Actually, i autheticate my 
>> LAN machines to LDAP server and ALL OK.
>>
>> I want that:
>>
>> EXAMPLE:
>> day 1:
>> user1 login in machine1 and I want to mount via NFS, the home of this 
>> user, that is in another storage server
>>
>> day 2: user 1 login in machine6 and I want to mount via NFS, the home of 
>> this user, that is in another storage server
>>
>>
>> I want to have all users homes, in a centralized storage server, and 
>> give the posibility to users to login in any machine of the LAN, and 
>> have they home directory mounted automaticaly.
>>
>> Is that posible with autofs+LDAP?
>>     
>
> Basically yes, but there are a number of decisions about how this might
> be setup at your site that don't relate specifically to autofs.
>
> Ian
>
>
>   
Ok. Thanks a lot for your time.

Can you guide me ?

Thanks another time

Re: autofs+LDAP

[Ian Kent]

On Mon, 2008-09-22 at 09:36 +0200, Mikel Jimenez wrote:
> Ian Kent escribió:
> > On Sun, 2008-09-21 at 23:40 +0200, Mikel Jimenez wrote:
> >   
> >> Hello Guys
> >>
> >> I have a OpenLDAP server with user accounts. Actually, i autheticate my 
> >> LAN machines to LDAP server and ALL OK.
> >>
> >> I want that:
> >>
> >> EXAMPLE:
> >> day 1:
> >> user1 login in machine1 and I want to mount via NFS, the home of this 
> >> user, that is in another storage server
> >>
> >> day 2: user 1 login in machine6 and I want to mount via NFS, the home of 
> >> this user, that is in another storage server
> >>
> >>
> >> I want to have all users homes, in a centralized storage server, and 
> >> give the posibility to users to login in any machine of the LAN, and 
> >> have they home directory mounted automaticaly.
> >>
> >> Is that posible with autofs+LDAP?
> >>     
> >
> > Basically yes, but there are a number of decisions about how this might
> > be setup at your site that don't relate specifically to autofs.
> >
> > Ian
> >
> >
> >   
> Ok. Thanks a lot for your time.
> 
> Can you guide me ?

Not really, much of this is site and preference specific.

For example, you need to decide what form you want for the home
directory paths to be.

Essentially, this means that if you have or expect to have at some
future time, several home directory servers, then do you want (and have
you got procedures in place to maintain the user account info) your home
directories to be /home/<server name> or /export/home/<server> or some
other variation and perform a single automount for a all users of a
given server or use a path independent of server and perform an
automount for every individual user. Or some other entirely different
approach.

Until you decide what you want to use for the home directory paths you
can't really do anything.

Ian


_______________________________________________
autofs mailing list
autofs@linux.kernel.org
http://linux.kernel.org/mailman/listinfo/autofs

Re: autofs+LDAP

[Douglas E. Engert]

Ian Kent wrote:
> On Sun, 2008-09-21 at 23:40 +0200, Mikel Jimenez wrote:
>> Hello Guys
>>
>> I have a OpenLDAP server with user accounts. Actually, i autheticate my 
>> LAN machines to LDAP server and ALL OK.
>>
>> I want that:
>>
>> EXAMPLE:
>> day 1:
>> user1 login in machine1 and I want to mount via NFS, the home of this 
>> user, that is in another storage server
>>
>> day 2: user 1 login in machine6 and I want to mount via NFS, the home of 
>> this user, that is in another storage server
>>
>>
>> I want to have all users homes, in a centralized storage server, and 
>> give the posibility to users to login in any machine of the LAN, and 
>> have they home directory mounted automaticaly.
>>
>> Is that posible with autofs+LDAP?

In auto.master, you can have an entry like:
/home ldap:nisMapName=auto_XXXXX,ou=Autofs,....
and have each system specify a different auto_XXXXX location in LDAP to
start from.

Or you could have have script in place of the auto.home entry:
/home auto_select_script,....
where auto_select_script is a script that is passed the username.
It can use ldap to determine what to do.

> 
> Basically yes, but there are a number of decisions about how this might
> be setup at your site that don't relate specifically to autofs.
> 
> Ian
> 
> 
> _______________________________________________
> autofs mailing list
> autofs@linux.kernel.org
> http://linux.kernel.org/mailman/listinfo/autofs
> 
> 

-- 

  Douglas E. Engert  <DEEngert@anl.gov>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444