AIX

  • 1.  AIX Automounter with OpenLDAP

    Posted Wed October 05, 2005 04:58 AM

    Originally posted by: SystemAdmin


    Hi

    Does anybody have experience with the automounter on AIX with OpenLDAP?
    Our LDAP server is on Linux.
    The home directory server is on AIX.
    What do I need to configure on the AIX client to switch the user management to OpenLDAP and to get my home directory?

    Kind Regards


  • 2.  Re: AIX Automounter with OpenLDAP

    Posted Mon October 10, 2005 05:59 PM

    Originally posted by: SystemAdmin


    What release of AIX are you running?
    Do you require automount maps to be in LDAP? Or can you live with them defined in files?
    How far have you gotten in your quest for AIX authentication to LDAP?
    Have you seen the client and server white papers on Developerworks?
    The answer can vary depending on the answers to these. I will try to give you some details tomorrow. LDAP automount maps are not supported until AIX 5.3, if my memory serves me right. There is a Redbook that is being written now that will describe this exact scenario and many more, but it will be a couple of months before that is readily available.
    If you are running AIX 5.3, then I think I can give you some tips on getting started, but if you are on an earlier release, then you are going to have to set up the automount with files or NIS.


  • 3.  Re: AIX Automounter with OpenLDAP

    Posted Thu October 13, 2005 02:40 AM

    Originally posted by: SystemAdmin


    Hi

    Yes, I'm running AIX 5.3 ML2.
    I can live with them defined in files.
    I checked out /etc/auto_master and added /homenfs nfsserver:/nfshome
    In /etc/irs.conf I added auto_mount files

    The user is successfully authenticated in OpenLDAP.
    But when the user logs in, no $HOME is mounted by automountd. (It was started after modifying the files, with startsrc -s automound.)


  • 4.  Re: AIX Automounter with OpenLDAP

    Posted Thu October 13, 2005 07:32 AM

    Originally posted by: SystemAdmin


    Hi

    Here is my Test:
    Oct 13 13:22:33 server1 auth|security:notice su: from root to testuser at /dev/pts/3
    Oct 13 13:23:01 server1 auth|security:info sshd401410: Accepted password for testuser from 127.0.0.1 port 37386 ssh2
    Oct 13 13:24:04 server1 daemon:debug automountd790656: dlopen(/usr/ldap/lib/libibmldapn.a) failed: 0509-022 Cannot
    load module /usr/ldap/lib/libibmldapn.a. 0509-026 System error: A file or directory in the path name does not exist.
    Oct 13 13:24:04 server1 daemon:debug automountd790656: WARNING: ldap is not loaded
    Oct 13 13:24:04 server1 daemon:debug automountd790656: WARNING: ldap is not configured
    Oct 13 13:24:08 server1 auth|security:info sshd463060: Accepted password for testuser from 127.0.0.1 port 37393 ssh2

    root@server1 # more /etc/auto.master
    /homenfs /etc/auto.nfshome

    root@server1 # more /etc/auto.nfshome
    * -rw,soft,intr,nosuid nfsserver:/homenfs/&
    root@server more /etc/irs.conf
    automount files nis_ldap
    root@server1 mount nfsserver:/homenfs /homenfs
    root@server1 # echo $?
    0
    root@server1 # df /homenfs
    Filesystem 512-blocks Free %Used Iused %Iused Mounted on
    nfsserver:/homenfs 1048576 1013616 4% 2098 2% /homenfs


  • 5.  Re: AIX Automounter with OpenLDAP

    Posted Thu October 13, 2005 09:28 AM

    Originally posted by: SystemAdmin


    For complete help debugging this problem, you may need to work with support line, but let me give you some steps that a friend of mine used.
    1. Create auto_master mappings in LDAP by adding an LDIF entry on the LDAP server
    ----
    auto_master.ldif
    --- begin file ---
    dn: automountMapName=auto_master,dc=... (base dn here)
    objectClass: automountMap
    objectClass: top
    automountMapName: auto_master

    dn: automountKey=/home,automountMapName=auto_master,dc=(base )
    objectClass: automount
    objectClass: top
    automountKey: /home
    automountInformation: auto_home -rw
    --- end of file ---
    ldapadd -h (ldapserver) -D "cn=(admin)" -w password -f /tmp/auto_master.ldif
    adding new entry .... (should display). You will need to have your LDAP server name, admin DN and admin password in that line.

    Note: the AIX 5.3 client also supports the nisMap objectclass, but you may need to be at ML3 for this to work right; I don't know for sure.

    2. Create an auto_home entry in LDAP. The automountMAP attribute contains the key (user id) and the automountInformation shows where the user's home directory is located.

    Be sure to replace the (base) with the base DN for your server. For example dc=example,dc=com.
    --- /tmp/auto_home.ldif example file ---
    dn: automountMapName=auto_home,dc=(base)
    objectClass: automountMap
    objectClass: top
    automountMapName: auto_home

    dn: automountKey=user1,automountMapName=auto_home,dc=(base)
    objectClass: automount
    objectClass: top
    automountKey: user1
    --- end of file ---

    ldapadd the auto_home.ldif file

    Note: the AIX 5.3 client also supports the nisobject objectclass as well as the automount objectclass.

    The automounter expects either the automount or the nisobject objectclass, but not both. Be consistent. I haven't given the nismapname LDIFs here.

    3. Update /etc/irs.conf
    --- irs.conf ---
    automount nis_ldap
    --- end file ---

    The file you posted should work.

    4. Start the automount daemon
    /usr/sbin/automount

    Now you should be able to log in as user1 and have the directory mounted.

    Again, at this depth of problem determination, you are probably best off using support line, as I don't have a test system set up anymore to confirm this, but it did work with a Sun ONE directory server, and OpenLDAP should make no difference if you have the correct AIX fixes applied.
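
Added example (not part of the post above and not IBM's code): a shell function that generates the auto_home LDIF from step 2 with an automountInformation value for each user, and rejects user names that could inject extra LDIF lines or DN components. The base DN, the NFS source nfsserver:/homenfs and the mount options are sample values borrowed from earlier in the thread; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: emit an auto_home LDIF (automountMap/automount object
# classes, as in the thread) for a list of users.
# Assumptions: one export sub-directory per user; sample values only.

# Accept only conservative login names so a name can never add an
# attribute line (newline) or a DN component (comma, '=') to the LDIF.
valid_user() {
    case "$1" in
        ''|*[!a-z0-9_-]*|-*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# gen_auto_home_ldif BASE_DN NFS_SOURCE MOUNT_OPTS USER...
gen_auto_home_ldif() {
    base=$1 src=$2 opts=$3
    shift 3
    # Validate every name first so a bad one yields no partial output.
    for u in "$@"; do
        valid_user "$u" || { echo "rejected user name: $u" >&2; return 1; }
    done
    printf 'dn: automountMapName=auto_home,%s\n' "$base"
    printf 'objectClass: automountMap\nobjectClass: top\n'
    printf 'automountMapName: auto_home\n'
    for u in "$@"; do
        printf '\ndn: automountKey=%s,automountMapName=auto_home,%s\n' "$u" "$base"
        printf 'objectClass: automount\nobjectClass: top\n'
        printf 'automountKey: %s\n' "$u"
        # Options first, then the NFS location of this user's home.
        printf 'automountInformation: %s %s/%s\n' "$opts" "$src" "$u"
    done
}

# Constructed sample run; redirect the output to /tmp/auto_home.ldif.
gen_auto_home_ldif 'dc=example,dc=com' 'nfsserver:/homenfs' \
    '-rw,soft,intr,nosuid' user1 user2
```

Keeping nosuid in the generated options means setuid binaries placed in a home directory on the NFS server are not honoured on the client.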


  • 6.  Re: AIX Automounter with OpenLDAP

    Posted Thu October 13, 2005 09:44 AM

    Originally posted by: SystemAdmin


    Hi CompuChem

    Thanks for your reply.
    Do you know if it works with local files?


  • 7.  Re: AIX Automounter with OpenLDAP

    Posted Thu October 13, 2005 09:51 AM

    Originally posted by: SystemAdmin


    It is supposed to, but I personally haven't tested.