OpenLDAP Automount + Solaris 9 + Linux w/Wildcards
- To: openldap-software@OpenLDAP.org
- Subject: OpenLDAP Automount + Solaris 9 + Linux w/Wildcards
- From: "Tibbetts, Ric" <ric.tibbetts@ngc.com>
- Date: Wed, 01 Oct 2003 10:27:11 -0400
- User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20030225
All;
I've been beating at this issue for a while now.
I've been trying to get Solaris to recognize the automount maps from
OpenLDAP, and use those via the nsswitch.conf (with no local flatfiles),
AND with wild cards. I need to automount the home dirs of 70,000 users,
there is no way I was going to put 70,000 automount files in, and have
to manage that.
The resounding answer I got was that it cannot be done, because of
problems with the character encoding differences between Solaris native
LDAP (on the client side), and OpenLDAP on the server side. Yes, you can
get the automounter to work, but I was told that the wild cards would not.
Well, after a bunch of chasing error logs, I finally cracked it
yesterday. Yes, the wild cards DO work. It's just a different set from
what was expected. The Linux (Redhat 9) clients expect "cn=/" for the
wild card. But the Solaris (9) clients want "cn=*".
Thus, I'm using two different sets of maps. A set of "auto_*" for
Solaris, and "auto.*" for Linux. I would want the two separate anyway,
as the Solaris boxes mount a different set of NFS filesystems than the
Linux clients do (they share the same /home, but other areas like /opt,
and /misc, etc., are different). I don't mind having two auto masters &
two auto homes. I didn't want 70,000 ;)
For anyone interested, I'm including the auto_* ldifs.
Note: With these files, you'll need to edit your nsswitch.conf to include:
automount: files ldap
Then it will check the local files first (in case you want to override
the ldap files), then it will check ldap.
In my case, at this time, I have no local /etc/auto* files at all. Thus,
I can control this from the server. So if an nfs server needs to change,
I change it one time, in one location.
So anyway:
First the Solaris ldifs:
#-------------------
#auto_master.ldif
dn: nisMapName=auto_master,ou=Services,dc=ldap-test,dc=com
objectclass: top
objectclass: nisMap
nismapname: auto_master

dn: cn=/home,nisMapName=auto_master,ou=Services,dc=ldap-test,dc=com
nismapname: auto_master
objectclass: nisObject
nismapentry: auto_home
cn: /home

#-------------------
#auto_home.ldif
dn: nisMapName=auto_home,ou=Services,dc=ldap-test,dc=com
objectclass: top
objectclass: nisMap
nismapname: auto_home

dn: cn=*,nisMapName=auto_home,ou=Services,dc=ldap-test,dc=com
objectclass: top
objectclass: nisObject
cn: *
nismapentry: nfs_server:/export/home/&
nismapname: auto_home

Then the Linux ldifs:
#-------------------
#auto.master.ldif
dn: nisMapName=auto.master,ou=Services,dc=ldap-test,dc=com
objectclass: top
objectclass: nisMap
nismapname: auto.master

dn: cn=/home,nisMapName=auto.master,ou=Services,dc=ldap-test,dc=com
nismapname: auto.master
objectclass: top
objectclass: nisObject
nismapentry: ldap:ldap_server:nismapname=auto.home,ou=Services,dc=ldap-test,dc=com
cn: /home

#-------------------
#auto.home.ldif
dn: nisMapName=auto.home,ou=Services,dc=ldap-test,dc=com
objectclass: top
objectclass: nisMap
nismapname: auto.home

dn: cn=/,nisMapName=auto.home,ou=Services,dc=ldap-test,dc=com
objectclass: nisObject
cn: /
nismapentry: nfs_server:/export/home/&
nismapname: auto.home

They look so simple, now that they work. :)
I hope someone will find this useful.
-Ric
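
The wildcard behaviour described in the message above, as an added example that is not part of the original post: a small Python model of a client resolving a home-directory key against the two wildcard entries (abridged from the post's LDIFs). The lookup order (exact key first, then the wildcard key) and the user name "jdoe" are assumptions made for illustration.

```python
# Added example, not from the original post. Assumed: the lookup order
# (exact key, then wildcard key) and the sample user name "jdoe".
LDIF = """\
dn: cn=*,nisMapName=auto_home,ou=Services,dc=ldap-test,dc=com
objectclass: nisObject
cn: *
nismapentry: nfs_server:/export/home/&
nismapname: auto_home

dn: cn=/,nisMapName=auto.home,ou=Services,dc=ldap-test,dc=com
objectclass: nisObject
cn: /
nismapentry: nfs_server:/export/home/&
nismapname: auto.home
"""

WILDCARD = {"solaris": "*", "linux": "/"}  # wildcard key per client, per the post

def parse_ldif(text):
    """Return one attribute dict per blank-line-separated entry."""
    entries = []
    for block in text.strip().split("\n\n"):
        lines = []
        for line in block.splitlines():
            if line.startswith(" ") and lines:
                lines[-1] += line[1:]  # unfold an LDIF continuation line
            elif not line.startswith("#"):
                lines.append(line)
        attrs = {}
        for line in lines:
            name, _, value = line.partition(":")
            attrs.setdefault(name.strip().lower(), []).append(value.strip())
        entries.append(attrs)
    return entries

def build_maps(entries):
    """Index nisObject entries as {map name: {key (cn): location}}."""
    maps = {}
    for e in entries:
        if "nismapentry" in e:
            maps.setdefault(e["nismapname"][0], {})[e["cn"][0]] = e["nismapentry"][0]
    return maps

def resolve(maps, map_name, key, client):
    """Exact key first, then the client's wildcard; '&' becomes the key."""
    entries = maps.get(map_name, {})
    location = entries.get(key) or entries.get(WILDCARD[client])
    return location.replace("&", key) if location else None
```

Pointing a client at the other platform's map returns nothing, because that map has no entry under the wildcard key the client asks for; this is why the post keeps separate auto_* and auto.* sets.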