[Freeipa-devel] automount in LDAP

Rob Crittenden rcritten at redhat.com
Mon Nov 10 23:08:40 UTC 2008


Simo Sorce wrote:
> On Mon, 2008-11-10 at 15:18 -0500, Rob Crittenden wrote:
>> Simo Sorce wrote:
>>> On Mon, 2008-11-10 at 10:10 -0500, Rob Crittenden wrote:
>>>> And this is what I meant by poor choices now affecting the future :-)
>>>>
>>>> Right now I'm sort of waving my hand saying 'location will be in the DN 
>>>> of the automount entry' but I don't yet say where I'm storing location 
>>>> other than in the DN. This will require the UI to fetch all the 
>>>> automount entries and sift thru the names to determine the list of 
>>>> locations to present to a user.
>>> Is it necessary to store it in the DN ?
>>> Why can't we add it into the entry instead ?
>> Because all shares are rooted in the same place, auto_master. So we need 
>> a separate auto_master for each location. Our UI would be clever enough 
>> to look at another attribute but the autofs code isn't.
> 
> Ok in this case I would just name these configurations with admin chosen
> names, and not refer to them as locations, with cn=default being the
> default.
> Let's just provide a way to name their configuration so that if admins
> need more than one for different set of clients they can easily do it,
> but let's not call this name a "location", as it can be anything the
> admin wants to call it.
> We can add the concept of location later on as attributes.
> 
> Simo.
> 

Ok, for clarification, this is why I'm proposing having the 
location/name/whatever in the DN.

You have to supply a base search DN in the autofs config file, on Linux 
anyway.

So if we cleverly supply this baseDN it is easy to support multiple 
configurations.

autofs searches for its base configuration like this:

SRCH base="dc=example,dc=com" scope=2 
filter="(&(objectClass=automountMap)(automountMapName=auto.master))" 
attrs="automountMapName"

So if we can set that base to something where a unique auto.master will 
be found we can control what is in that master. It seems like that is 
the only thing that truly needs to be unique.

rob
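
The point about the search base, as an added example that is not part of the original message or of the autofs/FreeIPA code: a small model of the scope=2 search quoted above, run over a constructed directory holding two configurations. The container names cn=automount, cn=default and cn=branch are assumptions made for the illustration.

```python
# Added illustration: a minimal model of an LDAP subtree (scope=2) search.
# The container names below (cn=automount, cn=default, cn=branch) are assumed.

def rdns(dn):
    """Split a DN into normalised RDNs (sample DNs contain no escaped commas)."""
    return [part.strip().lower() for part in dn.split(",")]

def in_subtree(dn, base):
    """True if dn is the base entry or lies beneath it."""
    d, b = rdns(dn), rdns(base)
    return len(d) >= len(b) and d[len(d) - len(b):] == b

SUFFIX = "cn=automount,dc=example,dc=com"
ENTRIES = [  # constructed sample data
    ("automountMapName=auto.master,cn=default," + SUFFIX,
     {"objectClass": ["automountMap"], "automountMapName": ["auto.master"]}),
    ("automountMapName=auto.home,cn=default," + SUFFIX,
     {"objectClass": ["automountMap"], "automountMapName": ["auto.home"]}),
    ("automountMapName=auto.master,cn=branch," + SUFFIX,
     {"objectClass": ["automountMap"], "automountMapName": ["auto.master"]}),
]

def find_masters(base, entries=ENTRIES):
    """Evaluate (&(objectClass=automountMap)(automountMapName=auto.master))
    with scope=2 under base and return the matching DNs."""
    hits = []
    for dn, attrs in entries:
        classes = [v.lower() for v in attrs.get("objectClass", [])]
        names = [v.lower() for v in attrs.get("automountMapName", [])]
        if in_subtree(dn, base) and "automountmap" in classes and "auto.master" in names:
            hits.append(dn)
    return hits

def check_base(base, entries=ENTRIES):
    """Return the single auto.master DN, or raise if the base matches none or several."""
    hits = find_masters(base, entries)
    if len(hits) != 1:
        raise LookupError("%d auto.master entries under %s" % (len(hits), base))
    return hits[0]

if __name__ == "__main__":
    for base in ("dc=example,dc=com", "cn=default," + SUFFIX, "cn=branch," + SUFFIX):
        print(base, "->", find_masters(base))
```

With the base set to dc=example,dc=com both auto.master entries match; with the base set to one configuration's container exactly one does.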



