{"id":692,"date":"2016-12-15T16:38:58","date_gmt":"2016-12-15T15:38:58","guid":{"rendered":"http:\/\/drfugazi.eu.org\/?p=692"},"modified":"2017-03-24T12:28:07","modified_gmt":"2017-03-24T11:28:07","slug":"solaris-ldap-autofs-client-configuration","status":"publish","type":"post","link":"https:\/\/drfugazi.eu.org\/en\/solaris-ldap-autofs-client-configuration\/","title":{"rendered":"Solaris LDAP autofs client configuration"},"content":{"rendered":"

Last time I wrote about autofs configuration on LDAP server, now it is time to configure autofs client in Solaris.
\nI assume that in DUAConfigProfile, objectClasses and attributes are already defined. You can check this with simply commands:<\/p>\n

\r\n% ldaplist -l auto_master\r\ndn: automountMapName=auto_master,ou=service,dc=mycompany,dc=com\r\n        automountMapName: auto_master\r\n        objectClass: automountMap\r\n        objectClass: top\r\n\r\ndn: cn=\/home,automountMapName=auto_master,ou=service,dc=mycompany,dc=com\r\n        automountInformation: auto_home -nosuid,nobrowse\r\n        automountKey: \/home\r\n        automountMapName: auto_master\r\n        objectClass: automount\r\n        objectClass: top\r\n\r\n% ldaplist -l auto_home\r\ndn: automountMapName=auto_home,ou=service,dc=mycompany,dc=com\r\n        automountMapName: auto_home\r\n        objectClass: automountMap\r\n        objectClass: top\r\n\r\ndn: cn=*,automountMapName=auto_home,ou=service,dc=mycompany,dc=com\r\n        automountKey: *\r\n        objectClass: automount\r\n        objectClass: top\r\n        automountMapName: auto_home\r\n        automountInformation: -rw,sync,quota,vers=4 NFSHOME:\/app\/nethomes\/&\r\n<\/pre>\n
If you have similar output, you can proceed with configuration in system files. In principle, it would be suffice to have following entry in \/etc\/auto_master<\/code> file:<\/p>\n
\r\n+auto_master\r\n<\/pre>\n
and the rest of maps system should receive from LDAP server. But there are also other entries in Solaris 10 and 11 by default. There is no need to change them.<\/p>\n
\r\n\/net            -hosts          -nosuid,nobrowse\r\n\/home           auto_home       -nobrowse\r\n<\/pre>\n
There is also \/etc\/auto_home<\/code> file with content:<\/p>\n
\r\n+auto_home\r\n<\/pre>\n
The ‘+’ sing means that system should receive automounter configuration not only from files, but also from external sources like NIS\/NIS+ and LDAP.
\nNow you should check \/etc\/nsswitch.conf<\/code> and add there ldap source for automounter:<\/p>\n
\r\nautomount:  files ldap\r\n<\/pre>\n
Last thing is to make sure that ‘autofs’ service is working:<\/p>\n
\r\n% svcs autofs\r\nSTATE          STIME    FMRI\r\nonline         Sep_21   svc:\/system\/filesystem\/autofs:default\r\n<\/pre>\n
That’s it, automounter should work with LDAP and mounts users’ remote directories.
\nIn case of any issues, when you need to debug automounter, please visit this web page:
\nDebugging automounter probles<\/a><\/p>","protected":false},"excerpt":{"rendered":"
Last time I wrote about autofs configuration on LDAP server, now it is time to configure autofs client in Solaris. I assume that in DUAConfigProfile, objectClasses and attributes are already defined. You can check...<\/p>\n","protected":false},"author":1,"featured_media":663,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_newsletter_tier_id":0,"footnotes":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[115,108],"tags":[6,44,9],"jetpack_publicize_connections":[],"acf":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/drfugazi.eu.org\/wp-content\/uploads\/2016\/02\/Solaris_OS_logo.png?fit=800%2C393&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p7M9Tz-ba","jetpack-related-posts":[{"id":685,"url":"https:\/\/drfugazi.eu.org\/en\/autofs-in-ldap-configuration-linux-solaris\/","url_meta":{"origin":692,"position":0},"title":"Autofs in LDAP configuration – for Linux and Solaris","author":"drfugazi","date":"Friday November 25th, 2016","format":false,"excerpt":"If you have LDAP server as user repository it is also good to have NFS server to store their home directories. To avoid autofs map configuration on every host, you can use LDAP service to store maps. I assume that NFS server (NFSHOME) is already installed, LDAP server and client\u2026","rel":"","context":"In "LDAP"","block_context":{"text":"LDAP","link":"https:\/\/drfugazi.eu.org\/en\/category\/ldap\/"},"img":{"alt_text":"LDAP DIT","src":"https:\/\/i0.wp.com\/drfugazi.eu.org\/wp-content\/uploads\/2016\/06\/LDAP-DIT.jpg?fit=1200%2C1016&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/drfugazi.eu.org\/wp-content\/uploads\/2016\/06\/LDAP-DIT.jpg?fit=1200%2C1016&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/drfugazi.eu.org\/wp-content\/uploads\/2016\/06\/LDAP-DIT.jpg?fit=1200%2C1016&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/drfugazi.eu.org\/wp-content\/uploads\/2016\/06\/LDAP-DIT.jpg?fit=1200%2C1016&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/drfugazi.eu.org\/wp-content\/uploads\/2016\/06\/LDAP-DIT.jpg?fit=1200%2C1016&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":599,"url":"https:\/\/drfugazi.eu.org\/en\/ldap-server-for-solaris-and-linux-clients\/","url_meta":{"origin":692,"position":1},"title":"LDAP server for Solaris and Linux clients","author":"drfugazi","date":"Thursday June  2nd, 2016","format":false,"excerpt":"Few months ago I received a task to set up LDAP authentication for Solaris 10, Solaris 11 and Linux machines in Customer's infrastructure. As LDAP server was chosen OpenLDAP 2.4.x in Master-Slave configuration with SSL\/TLS support. Servers was installed on Virtual Machines with CentOS 6.7. I will not describe LDAP\u2026","rel":"","context":"In "LDAP"","block_context":{"text":"LDAP","link":"https:\/\/drfugazi.eu.org\/en\/category\/ldap\/"},"img":{"alt_text":"LDAP DIT","src":"https:\/\/i0.wp.com\/drfugazi.eu.org\/wp-content\/uploads\/2016\/06\/LDAP-DIT.jpg?fit=1200%2C1016&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/drfugazi.eu.org\/wp-content\/uploads\/2016\/06\/LDAP-DIT.jpg?fit=1200%2C1016&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/drfugazi.eu.org\/wp-content\/uploads\/2016\/06\/LDAP-DIT.jpg?fit=1200%2C1016&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/drfugazi.eu.org\/wp-content\/uploads\/2016\/06\/LDAP-DIT.jpg?fit=1200%2C1016&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/drfugazi.eu.org\/wp-content\/uploads\/2016\/06\/LDAP-DIT.jpg?fit=1200%2C1016&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":729,"url":"https:\/\/drfugazi.eu.org\/en\/sudoers-in-ldap\/","url_meta":{"origin":692,"position":2},"title":"Sudoers in LDAP","author":"drfugazi","date":"Wednesday June 28th, 2017","format":false,"excerpt":"In addition to the standard sudoers file, sudo may be configured via LDAP. This can be especially useful for synchronizing sudoers in a large, distributed environment. You need to have LDAP server and client configured, if you do not have already, see my previous posts. LDAP schema extension for sudo\u2026","rel":"","context":"In "LDAP"","block_context":{"text":"LDAP","link":"https:\/\/drfugazi.eu.org\/en\/category\/ldap\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/drfugazi.eu.org\/wp-content\/uploads\/2017\/06\/sudo-sudoers-make-me-sandwich.jpg?fit=360%2C299&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":641,"url":"https:\/\/drfugazi.eu.org\/en\/solaris-ldap-client-configuration\/","url_meta":{"origin":692,"position":3},"title":"Solaris LDAP client configuration","author":"drfugazi","date":"Tuesday June 21st, 2016","format":false,"excerpt":"Oracle Solaris has native LDAP support built in OS, so there is no need to install third-party software to configure Solaris to use LDAP as users\/groups and other repository. You can use different ways to do this, and I will describe few of them. If secure communication is required, and\u2026","rel":"","context":"In "LDAP"","block_context":{"text":"LDAP","link":"https:\/\/drfugazi.eu.org\/en\/category\/ldap\/"},"img":{"alt_text":"LDAP DIT","src":"https:\/\/i0.wp.com\/drfugazi.eu.org\/wp-content\/uploads\/2016\/06\/LDAP-DIT.jpg?fit=1200%2C1016&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/drfugazi.eu.org\/wp-content\/uploads\/2016\/06\/LDAP-DIT.jpg?fit=1200%2C1016&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/drfugazi.eu.org\/wp-content\/uploads\/2016\/06\/LDAP-DIT.jpg?fit=1200%2C1016&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/drfugazi.eu.org\/wp-content\/uploads\/2016\/06\/LDAP-DIT.jpg?fit=1200%2C1016&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/drfugazi.eu.org\/wp-content\/uploads\/2016\/06\/LDAP-DIT.jpg?fit=1200%2C1016&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":672,"url":"https:\/\/drfugazi.eu.org\/en\/linux-ldap-client-configuration\/","url_meta":{"origin":692,"position":4},"title":"Linux LDAP client configuration","author":"drfugazi","date":"Thursday October  6th, 2016","format":false,"excerpt":"The simplest way to configure LDAP client in Linux is to use some kind of tool delivered with system. SuSE has yast (yast2), RedHat family has authconfig (authconfig-tui). This should install required packages like: nss-pam-ldapd, nscd, pam_ldap, ldapclient etc. Unfortunatelly I don't remember list of packages for particular distributions, because\u2026","rel":"","context":"In "LDAP"","block_context":{"text":"LDAP","link":"https:\/\/drfugazi.eu.org\/en\/category\/ldap\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/drfugazi.eu.org\/wp-content\/uploads\/2016\/10\/linux-logo.jpg?fit=300%2C300&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":272,"url":"https:\/\/drfugazi.eu.org\/en\/mail-delivery-configuration-ldap\/","url_meta":{"origin":692,"position":5},"title":"Mail delivery configuration with LDAP","author":"drfugazi","date":"Wednesday May 25th, 2011","format":false,"excerpt":"Sorry, this entry is only available in Polish. For the sake of viewer convenience, the content is shown below in the alternative language. You may click the link to switch the active language.Ostatnim razem pisa\u0142em o uwierzytelnianiu u\u017cytkownik\u00f3w w katalogu LDAP aby umo\u017cliwia\u0107 im odbieranie i nadawanie poczty. Teraz nadszed\u0142\u2026","rel":"","context":"In "LDAP"","block_context":{"text":"LDAP","link":"https:\/\/drfugazi.eu.org\/en\/category\/ldap\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/posts\/692"}],"collection":[{"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/comments?post=692"}],"version-history":[{"count":4,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/posts\/692\/revisions"}],"predecessor-version":[{"id":712,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/posts\/692\/revisions\/712"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/media\/663"}],"wp:attachment":[{"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/media?parent=692"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/categories?post=692"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/tags?post=692"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}