Is there a doc out there for setting up autofs and ad? Our devs would appreciate this, but they want to automount a CIFS volume.
On Fri, Mar 2, 2018, 10:01 AM Roger Martensson <roger.martens...@gmail.com> wrote: > Thanks for your answer. Then it was as i expected. > > Will use the workaround to store the missing data in the same > auto.home-hierachy in the domain the client is joined to. > > > > 2018-03-02 14:54 GMT+01:00 Ondrej Valousek <ondrej.valou...@s3group.com>: > >> Hi. >> >> What you are asking for can’t work as automounter: >> >> 1. Has no idea from which domain the mount request coming from (it >> only sees – hey, mount /a/b for me) >> >> 2. Can be used for other mounts, not just user home areas so it >> does not make much sense here either >> >> >> >> Ondrej >> >> >> >> *From:* Roger Martensson [mailto:roger.martens...@gmail.com] >> *Sent:* Friday, March 02, 2018 2:33 PM >> *To:* sssd-users@lists.fedorahosted.org >> *Subject:* [SSSD-users] autofs in a AD-forest >> >> >> >> Hi! >> >> I'm experiencing something that I'm not sure is as expected or not. >> >> First some data: >> >> OS: Ubuntu 16.04 >> >> SSSD Version: 1.13.4 >> >> >> >> I have managed to set up a SSSD against a AD-subdomain. NSS-lookup works. >> Can use 'userid', 'use...@subdomain1.domain.tld' and UPN when looking up >> an ID. >> >> I have set up a auto_home hierarchy in AD on subdomain1.domain.tld and >> managed to get AutoFS to work using this and get a working homedirectory >> using autofs and NFS. >> >> When I do this with a user in an another subdomain in the forest >> (subdomain2.domain.tld) I get into trouble. ID-lookup works like a charm. I >> have also set up a auto_home-hierarchy in this other subdomain. >> >> >> >> When looking in the logs is looks like the implementation of autofs only >> uses the domain the SSSD is connected to. Not a single mention in the logs >> about the other subdomain regarding to autofs. >> >> Is it correct to assume that autofs in multiple domains in a forest >> doesn't work or am I doing something wrong? >> >> My sssd.conf looks like this. (some names have been changed to protect >> the innocent) >> >> >> [domain/subdomain1.domain.tld] >> access_provider = ad >> ad_domain = subdomain1.domain.tld >> ad_hostname = client1.subdomain1.domain.tld >> autofs_provider = ad >> cache_credentials = True >> debug_level = 8 >> default_shell = /bin/bash >> fallback_homedir = /userhome/%u >> id_provider = ad >> krb5_realm = SUBDOMAIN1.DOMAIN.TLD >> krb5_store_password_if_offline = True >> ldap_id_mapping = False >> mkhomedir = false >> realmd_tags = manages-system joined-with-adcli >> >> [sssd] >> config_file_version = 2 >> domains = subdomain1.domain.tld >> services = nss,pam,autofs >> >> ----- >> >> The information contained in this e-mail and in any attachments is >> confidential and is designated solely for the attention of the intended >> recipient(s). If you are not an intended recipient, you must not use, >> disclose, copy, distribute or retain this e-mail or any part thereof. If you >> have received this e-mail in error, please notify the sender by return >> e-mail and delete all copies of this e-mail from your computer system(s). >> Please direct any additional queries to: communicati...@s3group.com. Thank >> You. Silicon and Software Systems Limited (S3 Group). Registered in Ireland >> no. 378073. Registered Office: South County Business Park, Leopardstown, >> Dublin 18. >> >> >> _______________________________________________ >> sssd-users mailing list -- sssd-users@lists.fedorahosted.org >> To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org >> >> > _______________________________________________ > sssd-users mailing list -- sssd-users@lists.fedorahosted.org > To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org >
_______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org
