Thanks for your answer. Then it was as i expected. Will use the workaround to store the missing data in the same auto.home-hierachy in the domain the client is joined to.
2018-03-02 14:54 GMT+01:00 Ondrej Valousek <[email protected]>: > Hi. > > What you are asking for can’t work as automounter: > > 1. Has no idea from which domain the mount request coming from (it > only sees – hey, mount /a/b for me) > > 2. Can be used for other mounts, not just user home areas so it > does not make much sense here either > > > > Ondrej > > > > *From:* Roger Martensson [mailto:[email protected]] > *Sent:* Friday, March 02, 2018 2:33 PM > *To:* [email protected] > *Subject:* [SSSD-users] autofs in a AD-forest > > > > Hi! > > I'm experiencing something that I'm not sure is as expected or not. > > First some data: > > OS: Ubuntu 16.04 > > SSSD Version: 1.13.4 > > > > I have managed to set up a SSSD against a AD-subdomain. NSS-lookup works. > Can use 'userid', '[email protected]' and UPN when looking up > an ID. > > I have set up a auto_home hierarchy in AD on subdomain1.domain.tld and > managed to get AutoFS to work using this and get a working homedirectory > using autofs and NFS. > > When I do this with a user in an another subdomain in the forest > (subdomain2.domain.tld) I get into trouble. ID-lookup works like a charm. I > have also set up a auto_home-hierarchy in this other subdomain. > > > > When looking in the logs is looks like the implementation of autofs only > uses the domain the SSSD is connected to. Not a single mention in the logs > about the other subdomain regarding to autofs. > > Is it correct to assume that autofs in multiple domains in a forest > doesn't work or am I doing something wrong? > > My sssd.conf looks like this. (some names have been changed to protect the > innocent) > > > [domain/subdomain1.domain.tld] > access_provider = ad > ad_domain = subdomain1.domain.tld > ad_hostname = client1.subdomain1.domain.tld > autofs_provider = ad > cache_credentials = True > debug_level = 8 > default_shell = /bin/bash > fallback_homedir = /userhome/%u > id_provider = ad > krb5_realm = SUBDOMAIN1.DOMAIN.TLD > krb5_store_password_if_offline = True > ldap_id_mapping = False > mkhomedir = false > realmd_tags = manages-system joined-with-adcli > > [sssd] > config_file_version = 2 > domains = subdomain1.domain.tld > services = nss,pam,autofs > > ----- > > The information contained in this e-mail and in any attachments is > confidential and is designated solely for the attention of the intended > recipient(s). If you are not an intended recipient, you must not use, > disclose, copy, distribute or retain this e-mail or any part thereof. If you > have received this e-mail in error, please notify the sender by return e-mail > and delete all copies of this e-mail from your computer system(s). Please > direct any additional queries to: [email protected]. Thank You. > Silicon and Software Systems Limited (S3 Group). Registered in Ireland no. > 378073. Registered Office: South County Business Park, Leopardstown, Dublin > 18. > > > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > >
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
