Bug 462405 - /etc/sysconfig/autofs does not support BASEDN for ldap search
/etc/sysconfig/autofs does not support BASEDN for ldap search
Status: CLOSED NOTABUG
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: autofs (Show other bugs)
5.2
All Linux
medium Severity high
: rc
: ---
Assigned To: Ian Kent
Brock Organ
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-09-15 18:24 EDT by Simon Gao
Modified: 2008-09-16 23:14 EDT (History)
2 users (show)

See Also:
Fixed In Version: autofs-5.0.1-0.rc2.88
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-09-16 23:14:10 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Simon Gao 2008-09-15 18:24:14 EDT
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:
autofs-5.0.1-0.rc2.88

Steps to Reproduce:
1. Install RHEL 5.2 with following packages
autofs-5.0.1-0.rc2.88
openldap-2.3.27-8.el5_2.4
openldap-clients-2.3.27-8.el5_2.4
nss_ldap-253-13.el5_2.1

2. Configure autofs to use both local automount maps and LDAP based maps 

   Same ldap directory with two subdomain:

   ou=nyc,dc=example,dc=com
   ou=lax,dc=example,dc=com

   Without BASEDN to restrict search domain, all sites will get the same 
   automount maps for one of the two sites.

  
Actual results:

Both nyc and lax hosts will recieve the same automount maps.  autofs-4.x supports BASEDN so each site can limit ldap search to only its own subdomain. 

Expected results:

autofs-5.0.x should restore the BASEDN feature so ldap autofs maps can be retrieved based on the search domain.

Additional info:
Comment 1 Ian Kent 2008-09-15 21:24:41 EDT
Yes, that's right.

This was initially omitted from version 5 but, as of
RHEL-5.2, the SEARCH_BASE configuration option was
added. It has a different name, I know, but that's
because it provides slightly different functionality.

From /etc/sysconfig/autofs:

#
# SEARCH_BASE - base dn to use for searching for map search dn.
#               Multiple entries can be given and they are checked
#               in the order they occur here.
#
#SEARCH_BASE=""

Perhaps you were lead astray by the reference to "map search dn"
but, in version 5, the base dn used in lookups is the map search
dn which is worked out at module load time and re-calculated when
a HUP signal is received.

At least it is supposed to work this way, is that not the case?

Ian
Comment 2 Simon Gao 2008-09-16 18:59:31 EDT
Thanks. I did test it on a 5.2 machine and it worked.

Please close this bug ticket.
Comment 3 Ian Kent 2008-09-16 23:14:10 EDT
Great, sorry about using a different config name but it
does work differently so I thought it best.

Ian

Note You need to log in before you can comment on or make changes to this bug.