Centrify

Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-2748: Could not get the automounter direct map to work in CDC adauto.pl

Centrify DirectControl ,  

12 April,16 at 11:13 AM

 

Applies to: All versions of Centrify DirectControl

 

Problem:

 

adauto.pl does not work in the case of automounter direct map

 

Automounts such as auto.home and auto.apps work fine. 

 

The following link shows examples of an indirect automount map such as auto.home and a direct map such as auto.direct:

http://www.linux-consulting.com/Amd_AutoFS/autofs-5.html 

 

Both methods are desired; for the Master Map, in order to use auto.home (auto_home for Solaris), the following syntax is used:

 

  /home auto_home

 

When using in conjunction with Centrify DirectControl, the syntax would be: 

 

  /home /etc/auto.home

  

Where a soft link from /etc/auto.home to /usr/share/centrifydc/etc/adauto.pl would be applied.

 

For direct maps however, it is a little different. 

 

The Master Map for auto direct map is:

 

  /- auto_direct

 

(Note the /- which means take exactly whatever is specified in auto_direct file or map)

 

auto.direct maps were tried and did not work.

 

 

Cause:

 

This is due to the limitation on the current version of the autofs function which automounter uses.

 

man 5 autofs notes that, "This version of the automounter supports direct maps stored in FILE, NIS, NISPLUS and LDAP only." 

 

The symlink to adauto.pl approach will NOT work for auto.direct if it is a direct map. It has to be either a file, or using adnisd (NIS) will be considered.

 

Solution:

 

None with the current version of the autofs

 

 

Workaround 1:

 

When importing the maps to the DC using Centrify's DirectManage console, both the auto.home maps as well as the auto.direct maps are imported. The adauto.pl file uses ldap queries to mount auto.home, this should be the same for auto.direct. It looks like in the present form of adauto.pl, it will not work. 

 

One possibility is to create a startup script that will query the auto.direct maps from DC using Centrify's adauto.pl. The script should put it into the local machine's auto.direct map and when the machine's autofs service starts, it will mount the entries in the auto.direct map.

 

 

Workaround 2:

 

adauto.pl can query AD zone nismap data to get the auto.direct map into a local DBM cache, it can be modified to make /etc/auto.direct as a file for autofs to use. The consideration is to change this map on the AD side. It will require some procedures to update the cache (dbm files), then re-render the file, and notify autofs (or SIGHUP). This is a possibility as a cron job:

 

- Run the modified adauto.pl to refresh the cache.

- Generate a temporary list and compare against /etc/auto.direct.

- If nothing changes, use it as it is.

- Otherwise, refresh /etc/auto.direct, and then do /etc/rc.d/init.d/autofs reload, or SIGHUP the automount daemon.

 

Please note, the workaround given above will not work with stock Solaris 8 Sparc, the workaround is to use the CDC 4.4.3 version of adauto.pl instead.  The adauto.pl version for CDC 5.x. is out dated.

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.

Related Articles

 articleKB-0616: Mapping home directories for AD users in Linux using automount and the Centrify adauto.pl script articleKB-6073: How to join the Linux/Unix Centrify Server to Active Directory with specific Computer Role? articleKB-6041: How to show current license type in use by adclient? articleKB-6040: How to change the license type in use after adclient successful joined to the AD? articleKB-6056: How to report the group policy settings that are in effect for the local computer? articleKB-7555: Unable to login as root after upgrade to Centrify Suite 2016 (CDC 5.3.0) articleKB-6038: How to specify the license type to use when joining the server to AD using adjoin? articleKB-2371: Does DirectControl support wildcard automount in NIS maps? articleKB-6387: Will Direct Control work with NFS-Ganesha?