On 05/24/2013 05:48 PM, Nalin Dahyabhai wrote:
> On Fri, May 24, 2013 at 12:01:04PM +0200, Sigbjorn Lie wrote:
>> The compat module would have to be extended to support displaying selected 
>> automount maps from one
>> location in a different location. I do not know the internals of the compat 
>> plugin so what I'm
>> asking might be unable/hard to achieve with the compat plugin - I was 
>> referring to it because of
>> it's ability to mirror one part of the ldap tree to a different part of the 
>> ldap tree.
> The compat plugin's usually used to make a group of entries appear
> somewhere else, which isn't _quite_ the same thing as making part of the
> tree show up elsewhere, since the tree structure isn't preserved, but if
> you don't mind "flattening" of the results when your source is split up
> in the hierarchy of a subtree, that won't be a problem.
> Otherwise, yeah, if that newly-created part of the tree, where the
> plugin's making the fake entries appear, happens to be under a subtree
> which autofs is searching for a given map's contents, then I don't see a
> reason why it shouldn't work.  The configuration for the compat plugin
> would probably simply copy specific attributes rather than doing any
> real manipulation their values, much like we do for user entries under
> cn=users,cn=compat.  I guess you could either "tag" entries for
> inclusion in a way that they'd match the filter which the compat
> plugin's configured to use when searching for source entries, or grab
> all of the entries in that given source area.
> Whenever you added a new automount location, you'd need to add a new
> mostly-boilerplate configuration entry under "cn=Schema Compatibility,
> cn=plugins, cn=config" to have that same group of entries with the same
> contents show up in the new location's part of the tree, but that would
> be about it.
> Also, if you're not rewriting attribute values, you could probably also
> ccomplish it with managed entries, since it plays in a similar area.  Or
> perhaps it could be done with just referrals, though that depends on the
> client to follow them.
> HTH,
> Nalin
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
Thanks Nalin.
Sounds like another HOW TO is brewing here.

Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.

Looking to carve out IT costs?

Freeipa-users mailing list

Reply via email to