[Freeipa-users] Automounter maps
Ondrej Valousek
ondrejv at s3group.cz
Thu Jun 30 16:04:31 UTC 2011
Hmm,
To me, these instructions are very vague - for example it completely omits LDAP security configuration for the automounter (stored in
/etc/autofs_ldap_auth.conf). How does the automounter bind to the ldap server? Anonymously?
I would not recommend it.
I would recommend to configure automounter to use the host/ principal in the local Kerberos system database and bind using SASL/GSSAPI
instead. It is more secure and elegant solution.
Ondrej
On 30.06.2011 17:26, Adam Young wrote:
> Good point.
>
> Take a look at the test day instructions, I found them very useful for setting up both SUDO and automount.
>
> https://fedoraproject.org/wiki/QA:Testcase_freeipav2_automount
>
>
> On 06/30/2011 11:08 AM, Ondrej Valousek wrote:
>>
>>
>> On 30.06.2011 16:55, Rob Crittenden wrote:
>>> Look at the output of this for details: ipa help automount
>>
>> I see, thanks!
>> It would be nice to update man pages like:
>> http://docs.fedoraproject.org/en-US/Fedora/15/html/FreeIPA_Guide/configuring-automount.html
>> to say something like:
>> LDAP_URI="ldap:///dc=example,dc=com"
>> SEARCH_BASE="cn=<location>,cn=automount,dc=example,dc=com"
>> So people know more automounter's ability to locate ldap server via DNS SRV....
>>
>> Thanks!
>> Ondrej
>>
>>
>> _______________________________________________
>> Freeipa-users mailing list
>> Freeipa-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20110630/338b732b/attachment.htm>
More information about the Freeipa-users
mailing list