at and cron vs. ldap SOLUTION!!
Stephen Walton
stephen.walton at csun.edu
Mon Jan 12 17:54:05 UTC 2004
Bevan C. Bennett wrote:
> Stephen Walton wrote:
>
> In this case [for LDAP users] (perhaps system
> accounts neccessary for running a SAMBA PDC) you might want to use
> 'account' rather than 'inetOrgPerson', since these aren't people and
> don't need all the 'people-ish' extra attributes.
I'll look into the implications of this. I was following those articles
I keep talking about in Linux Journal, but I see the scripts in
/usr/share/openldap/migration use 'account' instead of 'inetOrgPerson'
so that's probably the way to go.
>> since RH9
>> I've been seeing lines in /var/log/messages like:
>>
>> Jan 8 14:23:55 server automount[21351]: lookup(ldap): query succeeded,
>> no matches for (&(objectclass=nisObject)(cn=/))
>
> You'll get these if you have:
> automount: files ldap
> listed in your /etc/nsswitch.conf but don't have the automount info
Actually that's not the cause. I'm using the older automount-style
LDIFs for autofs, like:
# auto.master, domain.com
dn: ou=auto.master,dc=domain,dc=com
objectClass: top
objectClass: automountMap
ou: auto.master
# /home, auto.master, domain.com
dn: cn=/home,ou=auto.master,dc=domain,dc=com
objectClass: automount
automountInformation: ldap:ldaphost.domain.com:ou=auto.home,dc=domain,dc=com
cn: /home
Hence the errors about nisObject lookups failing. It appears that the
current autofs startup script for FC1 wants the newer nisObject form as
in your e-mail rather than the one I'm using. This is, of course, also
the one generated by the current migration scripts.
Sigh, don't really want to rewrite my LDIF files but may have to.
Steve
--
Stephen Walton, Professor, Dept. of Physics & Astronomy, Cal State
Northridge
stephen.walton at csun.edu
More information about the fedora-list
mailing list