[Date Prev][Date Next] [Chronological] [Thread] [Top]

Solaris automount and Openldap


I saw some messages on this list in the past months from people trying to use Openldap for Solaris automounter tables without success. That made me curious and I tried it myself. With some help from the Solaris sources I have it working now. The major pitfall is a line similar to the following in the Solaris sources:

if (strcmp(attr->attrname, "nismapentry") == 0)

As you might notice the comparison is not case insensitive. After I modified the nis.schema accordingly everything started working. Following are the relevant entries from my nis.schema:

attributetype ( NAME 'nisMapName'
        SUP name )

attributetype ( NAME 'nismapentry'
        EQUALITY caseExactIA5Match
        SUBSTR caseExactIA5SubstringsMatch
        SYNTAX{1024} SINGLE-VALUE )

objectclass ( NAME 'nisMap' SUP top STRUCTURAL
        DESC 'A generic abstraction of a NIS map'
        MUST nisMapName
        MAY description )

objectclass ( NAME 'nisObject' SUP top STRUCTURAL
        DESC 'An entry in a NIS map'
        MUST ( cn $ nismapentry $ nisMapName )
        MAY description )

(the "nisMapName" HAS to be mixed case and "nismapentry" HAS to be lower case)

This is how an entry should look like if you do ldapsearch:

dn: cn=user,nismapname=auto_home,o=something,c=us
objectClass: top
objectClass: nisObject
nismapentry: server:/export/home/&
nisMapName: auto_home
cn: user

I can't say who is at fault here, I tend to blame Sun for their case sensitivity, but the whole thing looks pretty much braindead and is one of the reasons why deploying LDAP can be difficult at times. Case sensitivity in attribute names should be avoided. There is another case in core.schema and inetorgperson.schema of less importance, core.schema contains "x500UniqueIdentifier" whereas inetorgperson.schema contains "x500uniqueIdentifier".

I hope I saved somebody some time and nerves with this.

Karsten. -- "As long as the spirit of innovation is preserved and destructive viruses are recognised as industrial terrorism, Microsoft will continue to provide revolutionary ideas." Lane Thomas