On 13/09/13 10:34, Rowland Penny wrote:
On 13/09/13 10:23, steve wrote:
On Fri, 2013-09-13 at 10:38 +0200, steve wrote:
On Fri, 2013-09-13 at 10:26 +0200, Jakub Hrozek wrote:
On Fri, Sep 13, 2013 at 01:53:13AM +0200, steve wrote:
Hi
Problems with autofs on a 1.11.1 git:
The only error I can see is this:
2013-09-13T01:47:34.264459+02:00 catral automount[2569]: setautomntent: lookup(sss): setautomntent: No such file or directory
and nothing gets mounted.
sssd starts fine. Here is the conf:
[sssd]
#debug_level = 6
services = nss, pam, autofs
config_file_version = 2
domains = default
[nss]
[pam]
[autofs]
[domain/default]
#debug_level=6
dyndns_update=true
#dyndns_refresh_interval=16
ad_hostname = catral.hh3.site
ad_server = hh16.hh3.site
ad_domain = hh3.site
ldap_schema = ad
id_provider = ad
access_provider = simple
enumerate = false
cache_credentials = true
#entry_cache_timeout = 60
auth_provider = krb5
chpass_provider = krb5
krb5_realm = HH3.SITE
krb5_server = hh16.hh3.site
krb5_kpasswd = hh16.hh3.site
ldap_id_mapping=false
ldap_referrals = false
ldap_uri = ldap://hh16.hh3.site
ldap_search_base = dc=hh3,dc=site
#ldap_tls_cacertdir = /usr/local/samba/private/tls
#ldap_id_use_start_tls = true
#entry_negative_timeout = 1
ldap_user_object_class = user
ldap_user_name = samAccountName
ldap_user_uid_number = uidNumber
ldap_user_gid_number = gidNumber
ldap_user_home_directory = unixHomeDirectory
ldap_user_shell = loginShell
ldap_group_object_class = group
ldap_group_search_base = dc=hh3,dc=site
ldap_group_name = cn
ldap_group_member = member
#ldap_default_bind_dn = cn=steve2,cn=Users,dc=dolores,dc=site
#ldap_default_authtok_type = password
#ldap_default_authtok = s2
ldap_sasl_mech = gssapi
ldap_sasl_authid = [email protected]
#krb5_keytab = /etc/krb5.keytab
ldap_krb5_init_creds = true
autofs_provider=ldap
ldap_autofs_search_base = DC=hh3,DC=site
ldap_autofs_map_object_class = nisMap
ldap_autofs_entry_object_class = nisObject
ldap_autofs_map_name = nisMapName
ldap_autofs_entry_key = cn
ldap_autofs_entry_value = nisMapEntry
Hi steve,
was this setup working previously?
No, it's a new setup. We want to go from files to sss.
Can you paste an example of your autofs map and entry in LDAP ?
dn:cn=/home/users,CN=auto.master,CN=HOME,CN=defaultMigrationContainer30,DC=hh3,DC=site
objectClass: top
objectClass: nisObject
cn: /home/users
name: /home/users
nisMapName: auto.master
nisMapEntry: auto.users
dn: CN=auto.users,CN=HOME,CN=defaultMigrationContainer30,DC=hh3,DC=site
objectClass: top
objectClass: nisMap
cn: auto.users
name: auto.users
nisMapName: auto.users
dn: cn=cifsuser,CN=auto.users,CN=HOME,CN=defaultMigrationContainer30,DC=hh3,DC=site
objectClass: top
objectClass: nisObject
cn: cifsuser
name: cifsuser
msSFU30Name: cifsuser
msSFU30NisDomain: home
nisMapName: auto.users
nisMapEntry: * -fstype=cifs,sec=krb5,username=cifsuser,multiuser ://altea/users/&
Thanks,
Steve
Sorry, I missed auto.master:
dn: CN=auto.master,CN=HOME,CN=defaultMigrationContainer30,DC=hh3,DC=site
objectClass: top
objectClass: nisMap
cn: auto.master
name: auto.master
_______________________________________________
sssd-devel mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
Can I chime in here? I am also trying to get this to work and it
isn't. The basic setup works if I use 'automount: files ldap' in
/etc/nsswitch, but if I change ldap to sss it stops working.
I get this in /var/log/sssd/sssd_home.lan.log:
(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [dp_get_options] (0x0400): Option ldap_autofs_search_base has value "CN=HOME,CN=defaultMigrationContainer30,DC=home,DC=lan"
but further down I get:
(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [sdap_autofs_init] (0x2000): Initializing autofs LDAP back end
(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [ldap_get_autofs_options] (0x0400): Search base not set, trying to discover it later connecting to the LDAP server.
(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [sdap_create_search_base] (0x0020): Invalid base DN ["CN=HOME,CN=defaultMigrationContainer30,DC=home,DC=lan"]
(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [common_parse_search_base] (0x0100): Search base added: [AUTOFS][cn][SUBTREE][�e^E+^M^?]
(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [sdap_get_map] (0x0400): Option ldap_autofs_map_object_class has value "nisMap"
(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [sdap_get_map] (0x0400): Option ldap_autofs_map_name has value nisMapName
(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [sdap_get_map] (0x0400): Option ldap_autofs_entry_object_class has value "nisObject"
(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [sdap_get_map] (0x0400): Option ldap_autofs_entry_key has value "cn"
(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [sdap_get_map] (0x0400): Option ldap_autofs_entry_value has value "nisMapEntry"
(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [be_process_init] (0x2000): autofs backend target successfully loaded from provider [ldap].
(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [client_registration] (0x0100): Added Frontend client [autofs]
I can assure you that
'CN=HOME,CN=defaultMigrationContainer30,DC=home,DC=lan' exists in my
Samba 4 AD and would appear to be the format that Windows wants.
Rowland
OK, I had been concentrating on the sssd logfiles, but when I looked in
/var/log/syslog I found this:
Sep 13 11:46:13 ThinkPad automount[2927]: open_lookup:93: cannot open lookup module sss (/usr/lib/x86_64-linux-gnu/autofs/lookup_sss.so: cannot open shared object file: No such file or directory)
If I look in /usr/lib/x86_64-linux-gnu/autofs I find:
-rw-r--r-- 1 root root 92640 Nov 14 2012 lookup_dir.so
-rw-r--r-- 1 root root 109200 Nov 14 2012 lookup_file.so
lrwxrwxrwx 1 root root 14 Nov 14 2012 lookup_files.so -> lookup_file.so
-rw-r--r-- 1 root root 109304 Nov 14 2012 lookup_hosts.so
-rw-r--r-- 1 root root 155120 Nov 14 2012 lookup_ldap.so
lrwxrwxrwx 1 root root 14 Nov 14 2012 lookup_ldaps.so -> lookup_ldap.so
-rw-r--r-- 1 root root 113184 Nov 14 2012 lookup_multi.so
-rw-r--r-- 1 root root 100976 Nov 14 2012 lookup_nisplus.so
lrwxrwxrwx 1 root root 12 Nov 14 2012 lookup_nis.so -> lookup_yp.so
-rw-r--r-- 1 root root 96824 Nov 14 2012 lookup_program.so
-rw-r--r-- 1 root root 92640 Nov 14 2012 lookup_userhome.so
-rw-r--r-- 1 root root 100960 Nov 14 2012 lookup_yp.so
.........
Yes, it is not there. I am using sssd 1.10.1 that I compiled myself, so
I probably missed something when I ran configure, but what? This is the
configure line I used:
./configure --build=x86_64-unknown-linux-gnu
--host=x86_64-unknown-linux-gnu --target=x86_64-debian-linux-gnu
--program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin
--sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share
--includedir=/usr/include --libdir=/usr/lib/x86_64-linux-gnu
--libexecdir=/usr/lib/x86_64-linux-gnu/sssd --localstatedir=/var
--sharedstatedir=/var/lib --mandir=/usr/share/man
--infodir=/usr/share/info --enable-nsslibdir=/lib/x86_64-linux-gnu
--enable-pammoddir=/lib/x86_64-linux-gnu/security
--with-krb5-rcache-dir=/var/cache/krb5rcache --with-initscript=sysv
--with-test-dir=/dev/shm --enable-all-experimental-features
--with-default-ccache-dir=/run/user/%U
--with-default-ccname-template=DIR:%d/ccdir
--cache-file=/tmp/ubuconfig.cache
Rowland
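
Added example, not part of the original thread: the syslog message above shows automount looking for lookup_<source>.so in its module directory for the "sss" source, so this check lists every source on the automount: line of nsswitch.conf that has no such module. The function names and the constructed fixture (which mirrors the directory listing in the message) are assumptions for illustration.

```shell
#!/bin/sh
# missing_lookup_modules NSSWITCH_FILE MODULE_DIR
# Prints, one per line, each source on the "automount:" line for which
# MODULE_DIR/lookup_<source>.so does not exist.
missing_lookup_modules() {
    nss_file=$1
    mod_dir=$2
    # Drop comments and bracketed action items such as [NOTFOUND=return],
    # then keep only what follows the "automount:" key.
    sources=$(sed -n 's/#.*//; s/\[[^]]*\]//g; s/^[[:space:]]*automount:[[:space:]]*//p' "$nss_file")
    for src in $sources; do
        # -e follows symlinks, so lookup_files.so -> lookup_file.so counts.
        [ -e "$mod_dir/lookup_$src.so" ] || printf '%s\n' "$src"
    done
}

# Constructed fixture: an nsswitch.conf with "automount: files sss" and a
# module directory that, like the listing in the thread, has no lookup_sss.so.
demo() {
    tmp=$(mktemp -d)
    mkdir "$tmp/autofs"
    printf 'passwd: compat sss\nautomount: files sss  # constructed sample\n' \
        > "$tmp/nsswitch.conf"
    : > "$tmp/autofs/lookup_file.so"
    ln -s lookup_file.so "$tmp/autofs/lookup_files.so"
    : > "$tmp/autofs/lookup_ldap.so"
    missing_lookup_modules "$tmp/nsswitch.conf" "$tmp/autofs"
    rm -rf "$tmp"
}

demo   # prints: sss
```

On a real host the call would be missing_lookup_modules /etc/nsswitch.conf /usr/lib/x86_64-linux-gnu/autofs, using the module directory named in the syslog message.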