Solaris 10 automount against OpenLDAP server

807557
807557 Member Posts: 35,835
edited Nov 16, 2006 3:03PM in Solaris 10
Hi y'all,

Another Solaris question that I'm searching around about...

I'm using Solaris's native LDAP client on Solaris 10 6/06. My LDAP server is an OpenLDAP server under Fedora Core 5. The Solaris client can talk to the server fine, everything is cool except for the fact that automounting isn't working. I'm guessing it's a schema issue but I'm not sure where to go... I'll post a few examples of my config and maybe someone can see something wrong:

From /etc/nsswitch.conf:
automount: files ldap

/etc/auto_master:
/projects auto.projects
/home auto.home
/- auto.direct -rw,hard,intr

from nis.schema file on OpenLDAP server:

attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName'
SUP name )


attributetype ( 1.3.6.1.1.1.1.27 NAME 'NisMapEntry'
EQUALITY caseExactIA5Match
SUBSTR caseExactIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE )


objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap' SUP top STRUCTURAL
DESC 'A generic abstraction of a NIS map'
MUST nisMapName
MAY description )


objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject' SUP top STRUCTURAL
DESC 'An entry in a NIS map'
MUST ( cn $ NisMapEntry $ nisMapName )
MAY description )

On the LDAP server the automounts are listed as "nisMapName=auto.home" etc.

I read somewhere that in the nis.schema file, all references to "nisMapEntry" need to be changed to all lowercase, i.e. "nismapentry", but I tried that and restarted the LDAP server, restarted autofs on the client, still nothing. Does anyone know what schema changes need to be made? Or maybe changes that need to be made to something else that I'm not aware of? Or do I need to make any other schema changes to my Solaris 10 native LDAP client as well?

This is a clip from the OpenLDAP log on the OpenLDAP server. It seems like the automount information request is getting through, but maybe the data it returns to Solaris is in an unrecognizable format or something?

-----------

do_search
ber_scanf fmt (
miiiib) ber:
dnPrettyNormal: <nisMapName=auto.projects,dc=soe,dc=ucsc,dc=edu>
<<< dnPrettyNormal: <nisMapName=auto.projects,dc=soe,dc=ucsc,dc=edu>, <nisMapName=auto.projects,dc=soe,dc=ucsc,dc=edu>
ber_scanf fmt ({mm) ber:
ber_scanf fmt ({mm}) ber:
ber_scanf fmt ({M}}) ber:
==> limits_get: conn=35 op=0 dn="[anonymous]"
=> bdb_search
bdb_dn2entry("nisMapName=auto.projects,dc=soe,dc=ucsc,dc=edu")
search_candidates: base="nisMapName=auto.projects,dc=soe,dc=ucsc,dc=edu" (0x0000070d) scope=1
=> bdb_equality_candidates (objectClass)
=> key_read
<= bdb_index_read: failed (-30989)
<= bdb_equality_candidates: id=0, first=0, last=0
=> bdb_dn2idl("nisMapName=auto.projects,dc=soe,dc=ucsc,dc=edu")
<= bdb_dn2idl: id=111 first=1806 last=1916
=> bdb_equality_candidates (objectClass)
=> key_read
<= bdb_index_read: failed (-30989)
<= bdb_equality_candidates: id=0, first=0, last=0
bdb_search_candidates: id=0 first=1806 last=0
bdb_search: no candidates
send_ldap_result: conn=35 op=0 p=3
send_ldap_response: msgid=1 tag=101 err=0
ber_flush: 14 bytes to sd 18
daemon: activity on 1 descriptor
daemon: activity on: 18r
daemon: read active on 18
connection_get(18): got connid=35
connection_read(18): checking for input on id=35
ber_get_next
ber_get_next: tag 0x30 len 5 contents:
ber_get_next
ber_get_next on fd 18 failed errno=0 (Success)
connection_read(18): input error=-2 id=35, closing.
connection_closing: readying conn=35 sd=18 for close
connection_close: deferring conn=35 sd=18
daemon: select: listen=7 active_threads=0 tvp=NULL
daemon: select: listen=8 active_threads=0 tvp=NULL
daemon: select: listen=9 active_threads=0 tvp=NULL
daemon: select: listen=10 active_threads=0 tvp=NULL
daemon: activity on 1 descriptor
daemon: activity on:
daemon: select: listen=7 active_threads=0 tvp=NULL
daemon: select: listen=8 active_threads=0 tvp=NULL
daemon: select: listen=9 active_threads=0 tvp=NULL
daemon: select: listen=10 active_threads=0 tvp=NULL
do_unbind

Linux clients work out of the box without any config changes (but then again these Linux clients come stock with an OpenLDAP client so I'm not surprised they would communicate with one of their own kind).

Thanks in advance for any insight!!!

ciao, erich
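
A slapd trace like the one quoted above can be reduced to one record per search: the base and scope the client asked for, and how the server answered. This is an added example, not part of the original post; the function names are hypothetical and the sample lines are copied from the quoted trace.

```python
import re

# Constructed sample: lines taken from the slapd debug output quoted in the post.
SAMPLE_LOG = """\
search_candidates: base="nisMapName=auto.projects,dc=soe,dc=ucsc,dc=edu" (0x0000070d) scope=1
=> bdb_equality_candidates (objectClass)
<= bdb_index_read: failed (-30989)
bdb_search: no candidates
send_ldap_result: conn=35 op=0 p=3
send_ldap_response: msgid=1 tag=101 err=0
"""

SCOPES = {0: "base", 1: "one-level", 2: "subtree"}  # LDAP search scope codes
SEARCH_RESULT_DONE = 101                            # 0x65, SearchResultDone tag

BASE_RE = re.compile(r'search_candidates: base="([^"]*)".*\bscope=(\d+)')
DONE_RE = re.compile(r"send_ldap_response: msgid=\d+ tag=(\d+) err=(\d+)")


def summarize_searches(log_text):
    """Return one dict per completed search: base, scope, no_candidates, err."""
    results, current = [], None
    for line in log_text.splitlines():
        m = BASE_RE.search(line)
        if m:
            code = int(m.group(2))
            current = {"base": m.group(1), "scope": SCOPES.get(code, str(code)),
                       "no_candidates": False, "err": None}
            continue
        if current is None:
            continue  # ignore lines that precede the first search
        if "bdb_search: no candidates" in line:
            current["no_candidates"] = True
        m = DONE_RE.search(line)
        if m and int(m.group(1)) == SEARCH_RESULT_DONE:
            current["err"] = int(m.group(2))
            results.append(current)
            current = None
    return results


def diagnose(search):
    """Separate a server-side error from a successful but empty answer."""
    if search["err"] != 0:
        return "server returned error %d" % search["err"]
    if search["no_candidates"]:
        return "success with zero entries"
    return "success"
```
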

Comments

  • 807557
    807557 Member Posts: 35,835
    It is a pity that www.ldapguru.org, which keeps quite a few postings on LDAP automount issues, has been down for many months.

    If I remember correctly, only pre-Solaris8 LDAP Clients without the LDAPv2 patch support the automount schema (auto.* maps) that is used by Linux LDAP clients.

    Solaris8/9/10 Native LDAP Clients with LDAPv2 Libraries support a different set of automount schema (auto_* maps); you have to add solaris_automount.schema into slapd.conf to provide for this.

    See:

    http://web.singnet.com.sg/~garyttt/

    1. Installing and Configuring OpenLDAP for RedHat Enterprise Linux3

    Step 5X: Configure "automount" to work with RedHat or Solaris Native LDAP Clients

    To debug on Solaris Native LDAP Client, run these two lines in sequence to start autofs:
    # /usr/lib/autofs/automountd -Tvn
    # /usr/sbin/automount &

    Note that I had tested Step5X on Solaris8/9 LDAPv2 clients; I presume it should work for Solaris10.

    Gary
  • 807557
    807557 Member Posts: 35,835
    Hi Gary,

    I've got the automounter working with OpenLDAP, but not the SSD.

    here are my results:

    $ ldaplist auto_master
    dn: cn=/home,ou=NFSMounts,dc=m-x
    dn: cn=/data,ou=NFSMounts,dc=m-x

    $ ldaplist auto_home
    dn: automountMapName=auto_home,uid=bill,ou=People,dc=m-x

    $ ldaplist auto_data
    dn: automountMapName=auto_data,uid=bill,ou=People,dc=m-x

    $ ls -l /home
    total 2
    dr-xr-xr-x 1 root root 1 Nov 16 11:13 billdata
    dr-xr-xr-x 1 root root 1 Nov 16 11:13 billhome

    $ ls -l /data
    total 2
    dr-xr-xr-x 1 root root 1 Nov 16 11:13 billdata
    dr-xr-xr-x 1 root root 1 Nov 16 11:13 billhome


    and here are my configs:

    /var/ldap/ldap_client_file:
    NS_LDAP_FILE_VERSION= 2.0
    NS_LDAP_SERVERS= xxx
    NS_LDAP_SEARCH_BASEDN= dc=m-x
    NS_LDAP_AUTH= simple
    NS_LDAP_SEARCH_SCOPE= sub
    NS_LDAP_CACHETTL= 3600
    NS_LDAP_CREDENTIAL_LEVEL= proxy
    NS_LDAP_SERVICE_SEARCH_DESC= passwd:ou=People,dc=m-x
    NS_LDAP_SERVICE_SEARCH_DESC= group:ou=Group,dc=m-x
    NS_LDAP_SERVICE_SEARCH_DESC= auto_master:ou=NFSMounts,dc=m-x
    NS_LDAP_SERVICE_SEARCH_DESC= auto_data:ou=People,dc=m-x?sub?nisMapName=auto_data
    NS_LDAP_SERVICE_SEARCH_DESC= auto_home:ou=People,dc=m-x?sub?nisMapName=auto_home
    NS_LDAP_ATTRIBUTEMAP= automount:automountKey=cn
    NS_LDAP_ATTRIBUTEMAP= automount:automountInformation=nisMapEntry
    NS_LDAP_ATTRIBUTEMAP= automount:automountMapName=nisMapName
    NS_LDAP_ATTRIBUTEMAP= passwd:gecos=cn
    NS_LDAP_OBJECTCLASSMAP= automount:automount=nisObject
    NS_LDAP_OBJECTCLASSMAP= automount:automountMap=nisMap

    ldif entries:

    dn: nisMapName=auto_home,uid=bill,ou=People,dc=m-x
    objectClass: top
    objectClass: nisObject
    nisMapEntry: host1:/export/home/bill
    nisMapName: auto_home
    cn: billhome

    dn: nisMapName=auto_data,uid=bill,ou=People,dc=m-x
    objectClass: top
    objectClass: nisObject
    cn: billdata
    nisMapEntry: host1:/export/data/bill
    nisMapName: auto_data


    Snooping the network, I see that the calls from ldaplist include the nisMapName=auto_* filter, while the calls made by the automounter don't.

    Is there a way to get the automounter to respect the SSD?

    thank you,

    Billy
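
The SSD and mapping lines from the ldap_client_file in the post above can be split into base, scope and filter, and combined into the search to compare against the snooped traffic. This is an added example, not part of the original post: the function names are hypothetical, and ANDing the SSD filter with the mapped lookup filter is an assumption about the intended behaviour, not a statement of what the Solaris automounter sends.

```python
# Constructed sample: automount-related lines from the ldap_client_file in the post.
CLIENT_FILE = """\
NS_LDAP_SEARCH_SCOPE= sub
NS_LDAP_SERVICE_SEARCH_DESC= auto_master:ou=NFSMounts,dc=m-x
NS_LDAP_SERVICE_SEARCH_DESC= auto_home:ou=People,dc=m-x?sub?nisMapName=auto_home
NS_LDAP_ATTRIBUTEMAP= automount:automountKey=cn
NS_LDAP_ATTRIBUTEMAP= automount:automountInformation=nisMapEntry
NS_LDAP_OBJECTCLASSMAP= automount:automount=nisObject
"""


def parse_client_file(text):
    """Split SSD and mapping lines into dictionaries keyed by service name."""
    cfg = {"scope": "", "ssd": {}, "attrmap": {}, "ocmap": {}}
    for raw in text.splitlines():
        key, sep, value = raw.strip().partition("=")
        if not sep:
            continue
        key, value = key.strip(), value.strip()
        if key == "NS_LDAP_SEARCH_SCOPE":
            cfg["scope"] = value
        elif key == "NS_LDAP_SERVICE_SEARCH_DESC":
            # service:baseDN?scope?filter (scope and filter are optional)
            service, _, desc = value.partition(":")
            base, _, rest = desc.partition("?")
            scope, _, flt = rest.partition("?")
            cfg["ssd"][service] = {"base": base, "scope": scope, "filter": flt}
        elif key in ("NS_LDAP_ATTRIBUTEMAP", "NS_LDAP_OBJECTCLASSMAP"):
            # service:schemaName=directoryName
            service, _, pair = value.partition(":")
            src, _, dst = pair.partition("=")
            table = "attrmap" if key == "NS_LDAP_ATTRIBUTEMAP" else "ocmap"
            cfg[table].setdefault(service, {})[src.lower()] = dst
    return cfg


def expected_search(cfg, map_name, key):
    """Lookup for one map key; assumes the SSD filter is ANDed with the mapped filter."""
    ssd = cfg["ssd"][map_name]
    oc = cfg["ocmap"].get("automount", {}).get("automount", "automount")
    attr = cfg["attrmap"].get("automount", {}).get("automountkey", "automountKey")
    parts = [f"(objectClass={oc})", f"({attr}={key})"]
    if ssd["filter"]:
        flt = ssd["filter"]
        parts.append(flt if flt.startswith("(") else f"({flt})")
    return {"base": ssd["base"], "scope": ssd["scope"] or cfg["scope"],
            "filter": "(&" + "".join(parts) + ")"}
```
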
This discussion has been closed.