On 05/24/2013 05:48 PM, Nalin Dahyabhai wrote:
> On Fri, May 24, 2013 at 12:01:04PM +0200, Sigbjorn Lie wrote:
>> The compat module would have to be extended to support displaying selected
>> automount maps from one
>> location in a different location. I do not know the internals of the compat
>> plugin so what I'm
>> asking might be unable/hard to achieve with the compat plugin - I was
>> referring to it because of
>> it's ability to mirror one part of the ldap tree to a different part of the
>> ldap tree.
> The compat plugin's usually used to make a group of entries appear
> somewhere else, which isn't _quite_ the same thing as making part of the
> tree show up elsewhere, since the tree structure isn't preserved, but if
> you don't mind "flattening" of the results when your source is split up
> in the hierarchy of a subtree, that won't be a problem.
> Otherwise, yeah, if that newly-created part of the tree, where the
> plugin's making the fake entries appear, happens to be under a subtree
> which autofs is searching for a given map's contents, then I don't see a
> reason why it shouldn't work. The configuration for the compat plugin
> would probably simply copy specific attributes rather than doing any
> real manipulation their values, much like we do for user entries under
> cn=users,cn=compat. I guess you could either "tag" entries for
> inclusion in a way that they'd match the filter which the compat
> plugin's configured to use when searching for source entries, or grab
> all of the entries in that given source area.
> Whenever you added a new automount location, you'd need to add a new
> mostly-boilerplate configuration entry under "cn=Schema Compatibility,
> cn=plugins, cn=config" to have that same group of entries with the same
> contents show up in the new location's part of the tree, but that would
> be about it.
> Also, if you're not rewriting attribute values, you could probably also
> ccomplish it with managed entries, since it plays in a similar area. Or
> perhaps it could be done with just referrals, though that depends on the
> client to follow them.
> Freeipa-users mailing list
Sounds like another HOW TO is brewing here.
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
Looking to carve out IT costs?
Freeipa-users mailing list