> Jakub Hrozek <jhro...@redhat.com> hat am 26. September 2019 um 14:52 > geschrieben: > > > On Tue, Sep 24, 2019 at 01:21:45PM +0200, w...@mailbox.org wrote: > > Hello list, > > I'm trying to setup sssd to access automounter rules stored on an AD (samba > > 4.7.6). > > I followed the instructions on this site, however it doesn't work for me. > > https://ovalousek.wordpress.com/2015/08/03/autofs/ > > In the sssd_logfile I see, that the "auto.master" map is found by sssd > > within the ldap search path. > > However, the reference to the auto.home and the corresponding user mounts > > does not seem to be found. > > > > Using sssd to authenticate against Active Directory works well. > > > > Any ideas what's going wrong here? Thanks for looking in this issue! > > Normally when I debug automounter issues, I used to run automount -m on > the foreground in one terminal and try to correlate those with the sssd > logs tailing in another terminal. > > Can you paste those?
Thanks, for that advice! I stopped the automounter daemon and run the automounter in the foreground: root@fs1:~# automount -f -v Starting automounter version 5.1.2, master map /etc/auto.master using kernel protocol version 5.02 no mounts in table After that I restart the sssd daemon and dump the automounter maps in another terminal: root@fs1:~# automount -m autofs dump map information =========================== global options: none configured no master map entries found However the automounter still gives no further output. After that, I moved the empty /etc/auto.master away and restart the automounter in the foreground: root@fs1:~# automount -f -v Starting automounter version 5.1.2, master map /etc/auto.master using kernel protocol version 5.02 lookup(file): file map /etc/auto.master missing or not readable no mounts in table No additional output from the automounter after restarting sssd. In the logs of the sssd at startup I found the following: ... (Fri Sep 27 08:13:46 2019) [sssd[be[info.privat]]] [dp_get_options] (0x0400): Option ldap_autofs_search_base has value ou=automount,dc=informatik,dc=privat ... (Fri Sep 27 08:13:46 2019) [sssd[be[info.privat]]] [dp_get_options] (0x0400): Option ldap_autofs_map_master_name has value auto.master ... Why is the automounter not looking for the maps from the sssd daemon? I think, that the automounter doesn't communicate with the sssd daemon for automounter maps, although the nsswitch.conf looks like this: ... automount: files sss ... Do I miss something or how can I narrow down the problem? Thanks! Peter > > > > OS: Ubuntu 18.04.3 LTS > > sssd 1.16.1-1ubuntu1.4 > > sssd-ad 1.16.1-1ubuntu1.4 > > sssd-ad-common 1.16.1-1ubuntu1.4 > > sssd-common 1.16.1-1ubuntu1.4 > > sssd-dbus 1.16.1-1ubuntu1.4 > > sssd-ipa 1.16.1-1ubuntu1.4 > > sssd-krb5 1.16.1-1ubuntu1.4 > > sssd-krb5-common 1.16.1-1ubuntu1.4 > > sssd-ldap 1.16.1-1ubuntu1.4 > > sssd-proxy 1.16.1-1ubuntu1.4 > > sssd-tools 1.16.1-1ubuntu1.4 > > > > > > > > Here is the configuration. Additionally, I attached logfiles with log_level > > 9 > > > > > > > > ****sssd.conf**** > > > > [sssd] > > domains = info.privat > > config_file_version = 2 > > services = nss, pam, autofs > > > > [pam] > > > > [nss] > > > > [autofs] > > > > [domain/info.privat] > > debug_level = 5 > > ad_server = tfaddc2.info.privat > > access_provider = ad > > auth_provider = ad > > krb5_realm = INFO.PRIVAT > > cache_credentials = True > > id_provider = ad > > > > autofs_provider = ad > > ldap_autofs_entry_key = cn > > ldap_autofs_entry_object_class = nisObject > > ldap_autofs_entry_value = nisMapEntry > > ldap_autofs_map_name = nisMapName > > ldap_autofs_map_object_class = nisMap > > ldap_autofs_search_base = ou=automount,dc=info,dc=privat > > > > > > nsswitch.conf > > > > automount: files sss > > > > > > ****AD**** > > > > dn: OU=automount,DC=info,DC=privat > > objectClass: top > > objectClass: organizationalUnit > > ou: automount > > name: automount > > > > dn: CN=auto.master,OU=automount,DC=info,DC=privat > > objectClass: top > > objectClass: nisMap > > cn: auto.master > > name: auto.master > > objectCategory: CN=NisMap,CN=Schema,CN=Configuration,DC=info,DC=privat > > nisMapName: auto.master > > > > dn: CN=auto.home,OU=automount,DC=info,DC=privat > > objectClass: top > > objectClass: nisMap > > cn: auto.home > > name: auto.home > > objectCategory: CN=NisMap,CN=Schema,CN=Configuration,DC=info,DC=privat > > nisMapName: auto.home > > > > dn: CN=/home/,CN=auto.master,OU=automount,DC=info,DC=privat > > objectClass: top > > objectClass: nisObject > > objectCategory: CN=NisObject,CN=Schema,CN=Configuration,DC=info,DC=privat > > nisMapName: auto.master > > cn: /home/ > > name: /home/ > > nisMapEntry: auto.home > > > > dn: CN=user1,CN=auto.home,OU=automount,DC=info,DC=privat > > objectClass: top > > objectClass: nisObject > > objectCategory: CN=NisObject,CN=Schema,CN=Configuration,DC=info,DC=privat > > nisMapName: auto.home > > nisMapEntry: > > -fstype=nfsv4,nosuid,rw,dir_index,user_xattr,proto=tcp,port=2049 > > server:/export/lra/user/user1 > > cn: user1 > > name: user1 > > > > _______________________________________________ > > sssd-users mailing list -- sssd-users@lists.fedorahosted.org > > To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org > > Fedora Code of Conduct: > > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > > List Archives: > > https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org > _______________________________________________ > sssd-users mailing list -- sssd-users@lists.fedorahosted.org > To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org
