Solaris 10 automount against OpenLDAP server

Hi ya'll,

Another Solaris question that I'm searching around about...

I'm using Solaris's native LDAP client on Solaris 10 6/06. My LDAP server is an OpenLDAP server under Fedora Core 5. The Solaris client can talk to the server fine, everything is cool except for the fact that automounting isn't working. I'm guessing it's a schema issue but I'm not sure where to go... I'll post a few examples of my config and maybe someone can see something wrong:

From /etc/nsswitch.conf:

automount: files ldap

/etc/auto_master:

/projects auto.projects

/home auto.home

/- auto.direct -rw,hard,intr

from nis.schema file on OpenLDAP server:

attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName'
    SUP name )

attributetype ( 1.3.6.1.1.1.1.27 NAME 'NisMapEntry'
    EQUALITY caseExactIA5Match
    SUBSTR caseExactIA5SubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE )

objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap' SUP top STRUCTURAL
    DESC 'A generic abstraction of a NIS map'
    MUST nisMapName
    MAY description )

objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject' SUP top STRUCTURAL
    DESC 'An entry in a NIS map'
    MUST ( cn $ NisMapEntry $ nisMapName )
    MAY description )

On the LDAP server the automounts are listed as "nisMapName=auto.home" etc.

I read somewhere that in the nis.schema file, all references to "nisMapEntry" need to be changed to all lowercase, ie "nismapentry", but I tried that and restarted the LDAP server, restarted autofs on the client, still nothing. Does anyone know what schema changes need to be made? Or maybe changes that need to be made to something else that I'm not aware of? Or do I need to make any other schema changes to my Solaris 10 native LDAP client as well?

This is a clip from the OpenLDAP log on the OpenLDAP server. It seems like the automount information request is getting through, but maybe the data it returns to Solaris is in an unrecognizable format or something?

--

do_search

ber_scanf fmt ({miiiib) ber:

>>> dnPrettyNormal: <nisMapName=auto.projects,dc=soe,dc=ucsc,dc=edu>

<<< dnPrettyNormal: <nisMapName=auto.projects,dc=soe,dc=ucsc,dc=edu>, <nisMapName=auto.projects,dc=soe,dc=ucsc,dc=edu>

ber_scanf fmt ({mm}) ber:

ber_scanf fmt ({mm}) ber:

ber_scanf fmt ({M}}) ber:

==> limits_get: conn=35 op=0 dn="[anonymous]"

=> bdb_search

bdb_dn2entry("nisMapName=auto.projects,dc=soe,dc=ucsc,dc=edu")

search_candidates: base="nisMapName=auto.projects,dc=soe,dc=ucsc,dc=edu" (0x0000070d) scope=1

=> bdb_equality_candidates (objectClass)

=> key_read

<= bdb_index_read: failed (-30989)

<= bdb_equality_candidates: id=0, first=0, last=0

=> bdb_dn2idl("nisMapName=auto.projects,dc=soe,dc=ucsc,dc=edu")

<= bdb_dn2idl: id=111 first=1806 last=1916

=> bdb_equality_candidates (objectClass)

=> key_read

<= bdb_index_read: failed (-30989)

<= bdb_equality_candidates: id=0, first=0, last=0

bdb_search_candidates: id=0 first=1806 last=0

bdb_search: no candidates

send_ldap_result: conn=35 op=0 p=3

send_ldap_response: msgid=1 tag=101 err=0

ber_flush: 14 bytes to sd 18

daemon: activity on 1 descriptor

daemon: activity on: 18r

daemon: read active on 18

connection_get(18): got connid=35

connection_read(18): checking for input on id=35

ber_get_next

ber_get_next: tag 0x30 len 5 contents:

ber_get_next

ber_get_next on fd 18 failed errno=0 (Success)

connection_read(18): input error=-2 id=35, closing.

connection_closing: readying conn=35 sd=18 for close

connection_close: deferring conn=35 sd=18

daemon: select: listen=7 active_threads=0 tvp=NULL

daemon: select: listen=8 active_threads=0 tvp=NULL

daemon: select: listen=9 active_threads=0 tvp=NULL

daemon: select: listen=10 active_threads=0 tvp=NULL

daemon: activity on 1 descriptor

daemon: activity on:

daemon: select: listen=7 active_threads=0 tvp=NULL

daemon: select: listen=8 active_threads=0 tvp=NULL

daemon: select: listen=9 active_threads=0 tvp=NULL

daemon: select: listen=10 active_threads=0 tvp=NULL

do_unbind

Linux clients work out of the box without any config changes (but then again these linux clients come stock with an openldap client so I'm not surprised they would communicate with one of their own kind).

Thanks in advance for any insight!!!

ciao, erich

[4712 byte] By [bubble1975] at [2007-11-26 8:53:42]
# 1

It is a pity that www.ldapguru.org, which keeps quite a few postings on LDAP automount issues, has been down for many months.

If I remember correctly, only pre-Solaris 8 LDAP clients without the LDAPv2 patch support the automount schema (auto.* maps) that is used by Linux LDAP clients.

Solaris 8/9/10 Native LDAP Clients with LDAPv2 libraries support a different set of automount schema (auto_* maps); you have to add solaris_automount.schema to slapd.conf to provide for this.

See:

http://web.singnet.com.sg/~garyttt/

1. Installing and Configuring OpenLDAP for RedHat Enterprise Linux3

Step 5X: Configure "automount" to work with RedHat or Solaris Native LDAP Clients

To debug on Solaris Native LDAP Client, run these two lines in sequence to start autofs:

# /usr/lib/autofs/automountd -Tvn

# /usr/sbin/automount &

Note that I tested Step 5X on Solaris 8/9 LDAPv2 clients; I presume it should work for Solaris 10.

Gary

gary_tay at 2007-7-6 22:48:30
# 2

Hi Gary,

I've got the automounter working with OpenLDAP, but not the SSD.

here are my results:

$ ldaplist auto_master

dn: cn=/home,ou=NFSMounts,dc=m-x

dn: cn=/data,ou=NFSMounts,dc=m-x

$ ldaplist auto_home

dn: automountMapName=auto_home,uid=bill,ou=People,dc=m-x

$ ldaplist auto_data

dn: automountMapName=auto_data,uid=bill,ou=People,dc=m-x

$ ls -l /home

total 2

dr-xr-xr-x 1 root root 1 Nov 16 11:13 billdata

dr-xr-xr-x 1 root root 1 Nov 16 11:13 billhome

$ ls -l /data

total 2

dr-xr-xr-x 1 root root 1 Nov 16 11:13 billdata

dr-xr-xr-x 1 root root 1 Nov 16 11:13 billhome

and here are my configs:

/var/ldap/ldap_client_file:

NS_LDAP_FILE_VERSION= 2.0

NS_LDAP_SERVERS= xxx

NS_LDAP_SEARCH_BASEDN= dc=m-x

NS_LDAP_AUTH= simple

NS_LDAP_SEARCH_SCOPE= sub

NS_LDAP_CACHETTL= 3600

NS_LDAP_CREDENTIAL_LEVEL= proxy

NS_LDAP_SERVICE_SEARCH_DESC= passwd:ou=People,dc=m-x

NS_LDAP_SERVICE_SEARCH_DESC= group:ou=Group,dc=m-x

NS_LDAP_SERVICE_SEARCH_DESC= auto_master:ou=NFSMounts,dc=m-x

NS_LDAP_SERVICE_SEARCH_DESC= auto_data:ou=People,dc=m-x?sub?nisMapName=auto_data

NS_LDAP_SERVICE_SEARCH_DESC= auto_home:ou=People,dc=m-x?sub?nisMapName=auto_home

NS_LDAP_ATTRIBUTEMAP= automount:automountKey=cn

NS_LDAP_ATTRIBUTEMAP= automount:automountInformation=nisMapEntry

NS_LDAP_ATTRIBUTEMAP= automount:automountMapName=nisMapName

NS_LDAP_ATTRIBUTEMAP= passwd:gecos=cn

NS_LDAP_OBJECTCLASSMAP= automount:automount=nisObject

NS_LDAP_OBJECTCLASSMAP= automount:automountMap=nisMap

ldif entries:

dn: nisMapName=auto_home,uid=bill,ou=People,dc=m-x
objectClass: top
objectClass: nisObject
nisMapEntry: host1:/export/home/bill
nisMapName: auto_home
cn: billhome

dn: nisMapName=auto_data,uid=bill,ou=People,dc=m-x
objectClass: top
objectClass: nisObject
cn: billdata
nisMapEntry: host1:/export/data/bill
nisMapName: auto_data

Snooping the network, I see that the calls from ldaplist include the nisMapName=auto_* filter, while the calls made by the automounter don't.

Is there a way to get the automounter to respect the SSD?

thank you,

Billy

b_nadeau at 2007-7-6 22:48:30
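An added example, not part of the original thread and not Solaris code: a Python helper that parses the SSD, attribute-map and objectclass-map lines from the client file in the post above and works out the base, scope and filter a lookup that honours the SSD would put on the wire, so it can be compared with what snoop shows the automounter sending. The base filter `(&(objectClass=automount)(automountKey=...))` and the rule that the SSD filter is ANDed onto it are assumptions; the function names are hypothetical.

```python
import re

# Constructed sample: mapping lines copied from the client file quoted in the post.
CLIENT_FILE = """\
NS_LDAP_SERVICE_SEARCH_DESC= auto_master:ou=NFSMounts,dc=m-x
NS_LDAP_SERVICE_SEARCH_DESC= auto_home:ou=People,dc=m-x?sub?nisMapName=auto_home
NS_LDAP_ATTRIBUTEMAP= automount:automountKey=cn
NS_LDAP_ATTRIBUTEMAP= automount:automountInformation=nisMapEntry
NS_LDAP_ATTRIBUTEMAP= automount:automountMapName=nisMapName
NS_LDAP_OBJECTCLASSMAP= automount:automount=nisObject
NS_LDAP_OBJECTCLASSMAP= automount:automountMap=nisMap
"""

def parse_client_file(text):
    """Collect SSDs and attribute/objectclass maps (source names lower-cased)."""
    cfg = {"ssd": {}, "attr": {}, "oc": {}}
    for line in text.splitlines():
        name, _, value = line.partition("=")
        name, value = name.strip(), value.strip()
        if name == "NS_LDAP_SERVICE_SEARCH_DESC":
            service, _, desc = value.partition(":")
            base, scope, flt = (desc.split("?", 2) + ["", ""])[:3]
            cfg["ssd"][service] = {"base": base, "scope": scope, "filter": flt}
        elif name in ("NS_LDAP_ATTRIBUTEMAP", "NS_LDAP_OBJECTCLASSMAP"):
            db, _, pair = value.partition(":")
            src, _, dst = pair.partition("=")
            kind = "attr" if name == "NS_LDAP_ATTRIBUTEMAP" else "oc"
            cfg[kind].setdefault(db, {})[src.lower()] = dst
    return cfg

def map_filter(flt, db, cfg):
    """Rewrite client-side names in a filter to the names stored on the server."""
    attrs, ocs = cfg["attr"].get(db, {}), cfg["oc"].get(db, {})
    def swap(m):
        attr, val = m.group(1), m.group(2)
        if attr.lower() == "objectclass":
            return "(%s=%s)" % (attr, ocs.get(val.lower(), val))
        return "(%s=%s)" % (attrs.get(attr.lower(), attr), val)
    return re.sub(r"\(([A-Za-z][\w-]*)=([^()]*)\)", swap, flt)

def expected_search(map_name, key, cfg):
    """Base, scope and filter for looking up `key` in `map_name` with the SSD applied."""
    # Assumption: this is the client's base filter for a single automount key.
    flt = map_filter("(&(objectClass=automount)(automountKey=%s))" % key, "automount", cfg)
    ssd = cfg["ssd"].get(map_name, {"base": "", "scope": "", "filter": ""})
    if ssd["filter"]:  # assumption: the SSD filter is ANDed onto the base filter
        extra = ssd["filter"] if ssd["filter"].startswith("(") else "(%s)" % ssd["filter"]
        flt = "(&%s%s)" % (extra, flt)
    return ssd["base"], ssd["scope"], flt
```

A search in the capture that carries only the `(&(objectClass=nisObject)(cn=...))` part, without the `nisMapName` term, matches every map's entries under the base, which is consistent with both `billhome` and `billdata` showing up under `/home` and `/data`.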