It may be that the basedn for autofs is just to find the maps. For
keys it can use the value directly because they point to real entries.
Its good to know that this works, but we still need some way
internally to detangle these and present the values in a way that it
is easy to pick and choose.
I suppose one idea would be to create a new kind of map share, common.
This would only allow ldap keys which could point to any valid key.
A common map could be added to any location.
I also found (not surprisingly) that a full dn had to be used in the
target map for sublevel maps if the target map I referred to using "ldap
dn-of-other-automount-map" contained additional maps.
A way to make sure this is always the case would be update the IPA
framework to always set the full dn to the sub map when it's being added
in the first place. I see IPA is already automatically adding the key in
the Parent map when it's specified during creation of a new indirect
automount map. That being said, referring to a full dn for sublevel maps
breaks on non-Linux, such as the Solaris' automounter.
Freeipa-users mailing list