SSSD Users,
I'm having a problem using a combination of both local files and LDAP as sources for automount information.
Historically, our site has always used LDAP for automount map information, and all systems used the same NFS home directories.
I'm now setting up a new HPC cluster, and I want the home directories (mounted as /u/<username>) to be local to that cluster. The home directories will be provided by the master node of that cluster, but I still want to use the LDAP-provided mount information for our project directories (mounted as /p/<project_name>). I want /etc/auto.home to be consulted for /u, but use the auto.projects automountmap in LDAP for /p. This should be simple, but it's not working for me:
# automount -m

autofs dump map information
===========================

global options: none configured

Mount point: /u
source(s):
instance type(s): file
map: /etc/auto.home
* | ranger-master:/home/&

Mount point: /p
source(s):
instance type(s): sss
map: auto.projects
no keys found in map

I created this /etc/auto.master file:
/u /etc/auto.home
/p auto.projects
And have this in my /etc/auto.home:
* cluster-master:/home/&
I could swear this worked last week, but is not working now. My /etc/nsswitch.conf contains the following entry for automounting:
automount: files sss
and my /etc/sssd/sssd.conf looks like this:
[domain/default]
id_provider = ldap
autofs_provider = ldap
sudo_provider = ldap
cache_credentials = True
auth_provider = krb5
chpass_provider = krb5
krb5_kpasswd = kerberos.example.com
krb5_server = kerberos.example.com
krb5_store_password_if_offline = True
krb5_realm = PPPL.GOV
ldap_uri = ldap://ldap1.example.com,ldap://ldap2.example.com
ldap_search_base = dc=unix,dc=example,dc=com
ldap_id_use_start_tls = False
ldap_tls_cacertdir = /etc/openldap/cacerts
ldap_autofs_search_base = ou=mounts,dc=unix,dc=example,dc=com
ldap_autofs_map_object_class = automountMap
ldap_autofs_map_name = ou
ldap_autofs_entry_object_class = automount
ldap_autofs_entry_key = cn
ldap_autofs_entry_value = automountInformation
enumerate = true

[sssd]
config_file_version = 2
services = nss, pam, autofs, sudo
domains = default

[nss]

[pam]

[autofs]

[sudo]

What am I missing or doing wrong here?
Never mind... I found my own answer seconds after sending the e-mail below. This was working last week, but then when I put the working config in Ansible, I made a typo, and then ran Ansible to test my changes there. The automount map name is 'auto.project', not 'auto.projects'.
Prentice
On 5/15/23 4:04 PM, Prentice Bisbal wrote:
sssd-users@lists.fedorahosted.org
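
A pre-deployment check for the failure described in this thread, as an added example that is not part of the original messages: it compares the non-file map names in auto.master against the map names that exist in the directory, and reads `automount -m` output for maps reported without keys. The function names, the LDAP_MAPS list and the sample inputs are assumptions constructed for illustration, and only bare map names (no `type:` prefix) are handled.

```python
import difflib

# Constructed inputs modelled on the post: the auto.master as written, an
# assumed list of map names present in LDAP, and the `automount -m` output.
MASTER = "/u /etc/auto.home\n/p auto.projects\n"
LDAP_MAPS = ["auto.master", "auto.home", "auto.project"]
DUMP = """Mount point: /u
source(s):
  instance type(s): file
  map: /etc/auto.home
  * | ranger-master:/home/&
Mount point: /p
source(s):
  instance type(s): sss
  map: auto.projects
  no keys found in map
"""

def non_file_maps(master_text):
    """Mount point -> map name for entries that are not local file maps."""
    found = {}
    for raw in master_text.splitlines():
        fields = raw.split("#", 1)[0].split()
        # Skip blanks, "+auto.master" includes and absolute paths (file maps).
        if len(fields) < 2 or fields[0].startswith("+") or fields[1].startswith("/"):
            continue
        found[fields[0]] = fields[1]
    return found

def check_map_names(master_text, directory_maps):
    """(mount point, map name, closest known name or None) for unknown maps."""
    problems = []
    for mount_point, name in non_file_maps(master_text).items():
        if name not in directory_maps:
            close = difflib.get_close_matches(name, directory_maps, n=1)
            problems.append((mount_point, name, close[0] if close else None))
    return problems

def empty_maps(dump_text):
    """(mount point, map name) pairs that `automount -m` shows with no keys."""
    empty, mount_point, map_name = [], None, None
    for line in (l.strip() for l in dump_text.splitlines()):
        if line.startswith("Mount point:"):
            mount_point, map_name = line.split(":", 1)[1].strip(), None
        elif "map:" in line:
            map_name = line.split("map:", 1)[1].strip()
        elif line == "no keys found in map":
            empty.append((mount_point, map_name))
    return empty
```

Run against a rendered auto.master before Ansible pushes it, `check_map_names` reports `/p` with the unknown name and the nearest existing map name.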