On (28/06/16 11:50), Jakub Hrozek wrote: >From b493cee9976b8dd62bea3d8f09b88ce809a40980 Mon Sep 17 00:00:00 2001 >From: Jakub Hrozek <jhro...@redhat.com> >Date: Thu, 19 Nov 2015 10:40:39 +0100 >Subject: [PATCH] LDAP: Change the default rfc2307 autofs attribute mappings > >Resolves: > https://fedorahosted.org/sssd/ticket/2858 > >The default attribute mappings we used to have: > ldap_autofs_map_object_class automountMap > ldap_autofs_map_name ou > ldap_autofs_entry_object_class automount > ldap_autofs_entry_key cn > ldap_autofs_entry_value automountInformation > >Was wrong. Instead, this patch switches to: > ldap_autofs_map_object_class nisMap > ldap_autofs_map_name nisMapName > ldap_autofs_entry_object_class nisObject > ldap_autofs_entry_key cn > ldap_autofs_entry_value nisMapEntry > >Which are attributes that are available with servers running the default >rfc2307 schema. In addition, this patch adds a syslog and DEBUG message >that warns administrators to double-check their configuration. > >We don't warn when the autofs provider is set to AD, because that one >is already correct. >--- > src/man/sssd-ldap.5.xml | 17 ++++---- > src/providers/ldap/ldap_common.h | 6 +++ > src/providers/ldap/ldap_options.c | 83 ++++++++++++++++++++++++++++++++++++++- > src/providers/ldap/ldap_opts.c | 8 ++-- > src/providers/ldap/sdap_autofs.c | 17 ++++++++ > 5 files changed, 119 insertions(+), 12 deletions(-) > >diff --git a/src/providers/ldap/ldap_opts.c b/src/providers/ldap/ldap_opts.c >index >ff9bf0d8b6d4a8f677e08219e5105e3750b7a4a8..524579d4fcd478f20678bebf2c3ce18f61ed0cb9 > 100644 >--- a/src/providers/ldap/ldap_opts.c >+++ b/src/providers/ldap/ldap_opts.c >@@ -349,15 +349,15 @@ struct sdap_attr_map service_map[] = { > }; > > struct sdap_attr_map rfc2307_autofs_mobject_map[] = { >- { "ldap_autofs_map_object_class", "automountMap", SYSDB_AUTOFS_MAP_OC, >NULL }, >- { "ldap_autofs_map_name", "ou", SYSDB_AUTOFS_MAP_NAME, NULL }, >+ { "ldap_autofs_map_object_class", "nisMap", SYSDB_AUTOFS_MAP_OC, NULL }, >+ { "ldap_autofs_map_name", "nisMapName", SYSDB_AUTOFS_MAP_NAME, NULL }, > SDAP_ATTR_MAP_TERMINATOR > }; > > struct sdap_attr_map rfc2307_autofs_entry_map[] = { >- { "ldap_autofs_entry_object_class", "automount", SYSDB_AUTOFS_ENTRY_OC, >NULL }, >+ { "ldap_autofs_entry_object_class", "nisObject", SYSDB_AUTOFS_ENTRY_OC, >NULL }, > { "ldap_autofs_entry_key", "cn", SYSDB_AUTOFS_ENTRY_KEY, NULL }, >- { "ldap_autofs_entry_value", "automountInformation", >SYSDB_AUTOFS_ENTRY_VALUE, NULL }, >+ { "ldap_autofs_entry_value", "nisMapEntry", SYSDB_AUTOFS_ENTRY_VALUE, >NULL }, > SDAP_ATTR_MAP_TERMINATOR > }; > >diff --git a/src/providers/ldap/sdap_autofs.c >b/src/providers/ldap/sdap_autofs.c >index >c02c04d5ca5addbfd1552176cac5f74fdd592503..db41b650ddcda99e6c221e856c259fcc43a10436 > 100644 >--- a/src/providers/ldap/sdap_autofs.c >+++ b/src/providers/ldap/sdap_autofs.c >@@ -313,6 +313,23 @@ errno_t sdap_autofs_init(TALLOC_CTX *mem_ctx, > return ret; > } > >+ if (id_ctx->opts->schema_type == SDAP_SCHEMA_AD) { >+ if (ldap_ad_autofs_schema_defaults(be_ctx->cdb, >+ be_ctx->conf_path)) { >+ DEBUG(SSSDBG_IMPORTANT_INFO, >+ "Your configuration uses the ldap autofs provider " >+ "with schema set to \"ad\" and default autofs attribute " >+ "mappings. The default map changed in this release, " >+ "please make sure the sssd configuration explicitly matches " >+ "the server attributes."); >+ sss_log(SSS_LOG_NOTICE, >+ _("Your configuration uses the ldap autofs provider " >+ "with schema set to \"ad\" and default autofs attribute " >+ "mappings. The default map changed in this release, " >+ "please make sure the sssd configuration explicitly matches >" >+ "the server attributes.")); Do we really need to log message for ad schema? I thought we will log message about change just for rfc2307.
IIRC AD does not have by default schema for autofs. LS _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/admin/lists/sssd-devel@lists.fedorahosted.org
