Hmm,
To me, these instructions are very vague - for example it completely omits LDAP security configuration for the automounter (stored in
/etc/autofs_ldap_auth.conf). How does the automounter bind to the ldap server? Anonymously?
I would not recommend it.
I would recommend to configure automounter to use the host/ principal in the local Kerberos system database and bind using SASL/GSSAPI
instead. It is more secure and elegant solution.
Ondrej
On 30.06.2011 17:26, Adam Young wrote:
Good point.
Take a look at the test day instructions, I found them very useful for setting
up both SUDO and automount.
https://fedoraproject.org/wiki/QA:Testcase_freeipav2_automount
On 06/30/2011 11:08 AM, Ondrej Valousek wrote:
On 30.06.2011 16:55, Rob Crittenden wrote:
Look at the output of this for details: ipa help automount
I see, thanks!
It would be nice to update man pages like:
http://docs.fedoraproject.org/en-US/Fedora/15/html/FreeIPA_Guide/configuring-automount.html
to say something like:
LDAP_URI="ldap:///dc=example,dc=com";
SEARCH_BASE="cn=<location>,cn=automount,dc=example,dc=com"
So people know more automounter's ability to locate ldap server via DNS SRV....
Thanks!
Ondrej
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
