Macs at home; Part 4: AutoFS
See the introduction to this post.
Last time I hinted at getting automount and DHCP-supplied LDAP settings working. I gave up on DHCP since a) I tried to get it working last year at CacheLogic and failed; b) I couldn’t find much documentation on it; c) the documentation I did find suggested that it only provides an LDAP server and base, which wouldn’t be sufficient on my network because of the attribute mappings needed to placate DirectoryService.
I did get automount working, however. And as a special bonus I got it working on a Linux machine too. Since there isn’t a massive amount of useful documentation out there for AutoFS and LDAP, I’ll talk about the Linux configuration here as well as the Mac configuration.
Automounted home directories are typically used on big networks with many users. The idea is that you define a mountpoint, say /home, and when a user process tries to access a subdirectory of that mountpoint, the automounter dynamically mounts it according to a mapping stored in NIS, flat files (boo, hiss!) or LDAP. The subdirectory is unmounted again a short time after the last process finishes with it. In big networks you can use this functionality to have certain users’ home directories stored on different file servers from other users’. In smaller networks you might just mount the whole of /home from one server (the benefit of automounting being that you don’t need to edit the fstab on each client). And in networks with two clients and two users, automounting redefines overkill.
Sounds like my network!
Automounting on Mac
Our old friend the Apple schema defines the mount objectclass which contains the same details we previously stuck in NetInfo. The schema is fairly self-explanatory if you read Part 2.
dn: cn=files:/home,ou=mounts,dc=iain,dc=cx
objectClass: mount
cn: files:/home
mountType: nfs
mountOption: net
mountOption: -P
Really quite simple. The cn is the exported share we’ll be mounting and since the net option is defined, the place we’ll be mounting it in is /Network/Servers/files/home.
If you wanted to do a per-user mapping you could have individual entries viz:
dn: cn=files1:/home/user1,ou=mounts,dc=iain,dc=cx
objectClass: mount
cn: files1:/home/user1
mountType: nfs
mountOption: net
mountOption: -P

dn: cn=files2:/vol/vol1/home/user2,ou=mounts,dc=iain,dc=cx
objectClass: mount
cn: files2:/vol/vol1/home/user2
mountType: nfs
mountOption: net
mountOption: -P
And so on…
Automounting on Linux
The AutoFS package installed with modern Linux distributions uses a different schema. Actually it understands two schemas, one being an older format that Solaris used to use. The one I used is the automountMap type. Configuring it is a bit more of a black art than the simple Mac way described above.
On the client you edit /etc/nsswitch.conf and set
automount: ldap
You also make sure that /etc/ldap.conf is set up correctly.
Upon startup the automounter searches for (&(objectClass=automountMap)(ou=auto.master)) and, assuming such an entry exists, (objectClass=automount) under the base it found. This means that the client requires zero configuration if you create the correct objects in LDAP.
Here’s the schema I set up:
dn: ou=auto.master,ou=mounts,dc=iain,dc=cx
ou: auto.master
objectClass: automountMap

dn: cn=/home,ou=auto.master,ou=mounts,dc=iain,dc=cx
cn: /home
objectClass: automount
automountInformation: ldap:ou=auto.home,ou=mounts,dc=iain,dc=cx
This tells the automounter that it should handle /home and that it should consult ou=auto.home,ou=mounts,dc=iain,dc=cx to find out what to do with it.
dn: ou=auto.home,ou=mounts,dc=iain,dc=cx
ou: auto.home
objectClass: automountMap

dn: cn=/,ou=auto.home,ou=mounts,dc=iain,dc=cx
objectClass: automount
cn: /
automountInformation: -fstype=nfs,tcp,rw,intr files:/home/&
Here cn=/ is a wildcard, meaning whatever is requested under the mapping, and the ampersand in files:/home/& is substituted with the value of the wildcard.
In flat file terms it’s equivalent to:
* -fstype=nfs,tcp,rw,intr files:/home/&
This means that whenever I try to access /home/iain, the automounter will try to mount files:/home/iain and show me what’s there.
A per-user configuration would, as I’m sure you can guess, require an LDAP entry such as this:
dn: cn=iain,ou=auto.home,ou=mounts,dc=iain,dc=cx
objectClass: automount
cn: iain
automountInformation: files:/home/iain
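The lookup described above, as an added example that is not part of the original post: a small Python resolver that walks from the auto.master entry to the indirect map, tries the exact key, then falls back to the cn=/ wildcard and substitutes the ampersand. The cn=user2 entry and the function names are constructed for illustration, and trying the exact key before the wildcard is an assumption about the automounter's lookup order.

```python
# Added example (not from the original post): resolve an autofs path against
# LDIF like the post's. The cn=user2 entry is a constructed per-user override.
LDIF = """\
dn: ou=auto.master,ou=mounts,dc=iain,dc=cx
ou: auto.master
objectClass: automountMap

dn: cn=/home,ou=auto.master,ou=mounts,dc=iain,dc=cx
cn: /home
objectClass: automount
automountInformation: ldap:ou=auto.home,ou=mounts,dc=iain,dc=cx

dn: cn=/,ou=auto.home,ou=mounts,dc=iain,dc=cx
objectClass: automount
cn: /
automountInformation: -fstype=nfs,tcp,rw,intr files:/home/&

dn: cn=user2,ou=auto.home,ou=mounts,dc=iain,dc=cx
objectClass: automount
cn: user2
automountInformation: files2:/vol/vol1/home/user2
"""

def parse_ldif(text):
    """Return {dn: {attr: value}} for simple single-valued entries."""
    entries = {}
    for block in text.strip().split("\n\n"):
        attrs = dict(line.split(": ", 1) for line in block.splitlines())
        entries[attrs["dn"]] = attrs
    return entries

def resolve(path, entries):
    """Map a path such as /home/iain to (options, location), or None."""
    master = next(dn for dn, e in entries.items()
                  if e["objectClass"] == "automountMap" and e.get("ou") == "auto.master")
    for dn, e in entries.items():
        mountpoint = e.get("cn", "")
        if not dn.endswith("," + master) or not path.startswith(mountpoint + "/"):
            continue
        key = path[len(mountpoint) + 1:].split("/")[0]
        map_dn = e["automountInformation"].partition("ldap:")[2]
        # Look up the exact key first, then fall back to the cn=/ wildcard.
        hit = entries.get(f"cn={key},{map_dn}") or entries.get(f"cn=/,{map_dn}")
        if not key or hit is None:
            return None
        *opts, location = hit["automountInformation"].split()
        return (" ".join(opts), location.replace("&", key))
    return None
ENTRIES = parse_ldif(LDIF)
```

Calling resolve("/home/iain", ENTRIES) goes through the wildcard entry, while resolve("/home/user2", ENTRIES) picks up the per-user entry and its different server.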
You’ll notice that the Mac and Linux configurations aren’t strictly speaking the same. The Mac configuration mounts files:/home directly whereas the Linux configuration mounts files:/home/X on demand for all X. In a large network you’d want to do things the way I’ve set up Linux. On my network I want to do things the way I’ve set up the Mac.
Ways to get around this:
- Remove /home and symlink it to /net/files/home. This would work out of the box with AutoFS.
- Undo the NFSHomeDirectory mapping from Part 3 and set up an automount entry for /Network/Servers/files/home; set users’ home directories under there. In other words adapt the UNIX environment to the Mac, not the other way round.