Bug 462405

Summary: /etc/sysconfig/autofs does not support BASEDN for ldap search
Product: Red Hat Enterprise Linux 5 Reporter: Simon Gao <gao>
Component: autofsAssignee: Ian Kent <ikent>
Status: CLOSED NOTABUG QA Contact: Brock Organ <borgan>
Severity: high Docs Contact:
Priority: medium    
Version: 5.2CC: ikent, jmoyer
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: autofs-5.0.1-0.rc2.88 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-09-17 03:14:10 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Simon Gao 2008-09-15 22:24:14 UTC
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:
autofs-5.0.1-0.rc2.88

Steps to Reproduce:
1. Install RHEL 5.2 with following packages
autofs-5.0.1-0.rc2.88
openldap-2.3.27-8.el5_2.4
openldap-clients-2.3.27-8.el5_2.4
nss_ldap-253-13.el5_2.1

2. Configure autofs to use both local automount maps and LDAP based maps 

   Same ldap directory with two subdomain:

   ou=nyc,dc=example,dc=com
   ou=lax,dc=example,dc=com

   Without BASEDN to restrict search domain, all sites will get the same 
   automount maps for one of the two sites.

  
Actual results:

Both nyc and lax hosts will recieve the same automount maps.  autofs-4.x supports BASEDN so each site can limit ldap search to only its own subdomain. 

Expected results:

autofs-5.0.x should restore the BASEDN feature so ldap autofs maps can be retrieved based on the search domain.

Additional info:

Comment 1 Ian Kent 2008-09-16 01:24:41 UTC
Yes, that's right.

This was initially omitted from version 5 but, as of
RHEL-5.2, the SEARCH_BASE configuration option was
added. It has a different name, I know, but that's
because it provides slightly different functionality.

From /etc/sysconfig/autofs:

#
# SEARCH_BASE - base dn to use for searching for map search dn.
#               Multiple entries can be given and they are checked
#               in the order they occur here.
#
#SEARCH_BASE=""

Perhaps you were lead astray by the reference to "map search dn"
but, in version 5, the base dn used in lookups is the map search
dn which is worked out at module load time and re-calculated when
a HUP signal is received.

At least it is supposed to work this way, is that not the case?

Ian

Comment 2 Simon Gao 2008-09-16 22:59:31 UTC
Thanks. I did test it on a 5.2 machine and it worked.

Please close this bug ticket.

Comment 3 Ian Kent 2008-09-17 03:14:10 UTC
Great, sorry about using a different config name but it
does work differently so I thought it best.

Ian