#1341 add AD-specific autofs mapping for the AD schema
Closed: Invalid None Opened 11 years ago by jhrozek.

In ticket #1031, Ondrej Valousek proposed to add this mapping to the Active Directory schema for the autofs map and key maps:

ldap_autofs_map_object_class = nisMap
ldap_autofs_entry_object_class = nisObject
ldap_autofs_map_name = nisMapName
ldap_autofs_entry_value = nisMapEntry

We should research whether this is the standard mapping in AD world for autofs maps and if so, add the maps.


Ondrej, do you maybe have a pointer to any documentation that describes the mappings?

cc: => ondrejv

Fields changed

milestone: NEEDS_TRIAGE => SSSD AD Extensions Feature

Fields changed

rhbz: => 0

Replying to [comment:1 jhrozek]:

Ondrej, do you maybe have a pointer to any documentation that describes the mappings?
Well, I do not have any documentation. The only thing I know is that:

  • AD schema 'looks like' RFC2307bis because of its member attribute for groups, but it does not have any automount* object classes
  • instead, AD does have the nisMap and nisObject (see RFC2307) classes (as of Windows 2003R2 AD by default) for generic NIS maps storage
  • AD schema is extensible, but I guess we do not want require that as autofs & lookup_ldap.so module is quite happy with RFC2307 mapping, too.

Ondrej

Fields changed

component: SSSD => AD Provider
milestone: SSSD AD Extensions Feature => SSSD 1.9.0 beta 5

Active Directory does not appear to have a mechanism for configuring automount maps through their standard admin console. Since this implies that any automount configuration added would have to be custom, I don't really see a value in changing our defaults right now to match one possible configuration.

If Active Directory in the future adopts a standard implementation, we can implement this at that time.

Moving to NEEDS_TRIAGE for re-evaluation.

milestone: SSSD 1.9.0 beta 5 => NEEDS_TRIAGE

AD does not have a standard mechanism to map to so we are closing this ticket.

milestone: NEEDS_TRIAGE => SSSD 1.9.0
resolution: => wontfix
status: new => closed

If Active Directory in the future adopts a standard implementation, we can implement this at that time.
Note that RFC3207 IS a standard. The fact that sssd only counts on RFC2307bis is something else. Even automounter itself supports both standards - it tries RFC2307bis first and then falls back to rfc2307. Maybe we should do the same - it would fix this problem, too.

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.9.0

7 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/2383

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata