RHEL 7.5 - Storing Automount Maps in LDAP not working

T32803 · 05-17-2018, 10:49 AM

I followed the Red Hat document here:
https://access.redhat.com/documentat...ig-autofs-LDAP

But it does not work as stated. The above linked instructions state 3 tasks:

-------------------------------------------------------------------------
1. Verify BASE and URI are set correctly in /etc/openldap/ldap.conf:
-------------------------------------------------------------------------
#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

#BASE dc=example,dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never

TLS_CACERTDIR /etc/openldap/cacerts

# Turning this off breaks GSSAPI used with krb5 when rdns = false
SASL_NOCANON on
URI ldap://ldap02.testdomain.com/
BASE dc=testdomain,dc=com

-------------------------------------------------------------------------
2. edit /etc/autofs.conf to uncomment these lines:
-------------------------------------------------------------------------
map_object_class = automountMap
entry_object_class = automount
map_attribute = automountMapName
entry_attribute = automountKey
value_attribute= automountInformation

(By the way, the document seems in error stating /etc/sysconfig/autofs.
The location to uncomment is at /etc/autofs.conf. To be safe, I added these
lines in both files.)

-------------------------------------------------------------------------
3. Create the autofs ldif and ingest it with ldapadd command:
-------------------------------------------------------------------------
# extended LDIF
#
# LDAPv3
# base <> with scope subtree
# filter: (&(objectclass=automountMap)(automountMapName=auto.master))
# requesting: ALL
#

# auto.master, testdomain.com
dn: automountMapName=auto.master,dc=testdomain,dc=com
objectClass: top
objectClass: automountMap
automountMapName: auto.master

# extended LDIF
#
# LDAPv3
# base <automountMapName=auto.master,dc=testdomain,dc=com> with scope subtree
# filter: (objectclass=automount)
# requesting: ALL
#

# /home, auto.master, testdomain.com
dn: automountMapName=auto.master,dc=testdomain,dc=com
objectClass: automount
cn: /home

automountKey: /home
automountInformation: auto.home

# extended LDIF
#
# LDAPv3
# base <> with scope subtree
# filter: (&(objectclass=automountMap)(automountMapName=auto.home))
# requesting: ALL
#

# auto.home, testdomain.com
dn: automountMapName=auto.home,dc=testdomain,dc=com
objectClass: automountMap
automountMapName: auto.home

# extended LDIF
#
# LDAPv3
# base <automountMapName=auto.home,dc=testdomain,dc=com> with scope subtree
# filter: (objectclass=automount)
# requesting: ALL
#

# /home, auto.home, testdomain.com
dn: automountKey=/home,automountMapName=auto.home,dc=testdomain,dc=com
objectClass: automount
automountKey: /home
automountInformation: ldap02.testdomain.com:/export/home/&

-------------------------------------------------------------------------

The above procedure as followed by Red Hat’s online documentation does not work.
When I try to ingest the autofs ldif I get this error:

# ldapadd -x -D "cn=ldapadmin,dc=testdomain,dc=com" -f /etc/openldap/ldifs/autofs.ldif -W
Enter LDAP Password:
adding new entry "automountMapName=auto.master,dc=testdomain,dc=com"
ldap_add: Invalid DN syntax (34)
additional info: invalid DN

Has anyone been down this road and found out how to make this work ?

Background:
1. My test ldap server (ldap02.testdomain.com) works and I can login using ldap accounts.
2. I have autofs set up manually on one of my test clients mount /home and that works also.

Thanks for helping..