It may be that the basedn for autofs is just to find the maps. For keys it can use the value directly because they point to real entries.

Its good to know that this works, but we still need some way internally to detangle these and present the values in a way that it is easy to pick and choose.

I suppose one idea would be to create a new kind of map share, common. This would only allow ldap keys which could point to any valid key.

A common map could be added to any location.

I also found (not surprisingly) that a full dn had to be used in the target map for sublevel maps if the target map I referred to using "ldap dn-of-other-automount-map" contained additional maps.

A way to make sure this is always the case would be update the IPA framework to always set the full dn to the sub map when it's being added in the first place. I see IPA is already automatically adding the key in the Parent map when it's specified during creation of a new indirect automount map. That being said, referring to a full dn for sublevel maps breaks on non-Linux, such as the Solaris' automounter.


Freeipa-users mailing list

Reply via email to