LDAP automount maps

You can configure the automount subsystem to retrieve its maps from an LDAP server.

To administer automount maps in LDAP, add the following line to the /etc/irs.conf file:

automount nis_ldap

In order to administer automount maps in LDAP, you need to create the appropriate LDIF files. You can convert local automount map files to LDIF format using the nistoldif command. As an example, if the LDAP server is named ldapserver, then its base suffix is dc=suffix, and the /etc/auto_home map file contains the following lines:

user1		 server1:/home/user1     
user2		 server1:/home/user2     
user3		 server1:/home/user3

Use the following commands to create the LDIF file for the /etc/auto_home map file, and add it to the LDAP server:

nistoldif -d dc=suffix -sa -f /etc/auto_home > /tmp/auto_home.ldif
ldapadd -D cn=admin -w passwd -h ldapserver -f /tmp/auto_home.ldif

In order to edit or remove existing automount entries from an LDAP server, the LDIF files must be created manually. For example, if the home directory of user2 is now on server2, the following LDIF should be created:

# cat /tmp/ch_user2.ldif
dn: automountKey=user2,automountMapName=auto_home,dc=suffix
changetype: modify
replace: automountInformation
automountInformation: server2:/home/user2

After creating the above LDIF, run the following command:

ldapmodify -D cn=admin -w passwd -h ldapserver -f /tmp/ch_user2.ldif

You must also create an LDIF file to remove a user. For example, to remove user3, create the following LDIF:

# cat /tmp/rm_user3.ldif
dn: automountKey=user3,automountMapName=auto_home,dc=suffix
changetype: delete

After creating the above LDIF, run the following command:

ldapmodify -D cn=admin -w passwd -h ldapserver -f /tmp/rm_user3.ldif