[Tfug] autofs ldap and tls
Peter Merritt
pwmerritt at weirdwater.org
Mon Sep 25 15:51:01 MST 2006
Thanks Steven, Running Centos 4.3 and Fedora Core 5 clients, did see the
pkg for Debian, will probably need it for the Ubuntu clients when I get
to them. And thank you for the link, that gives me some hope, I had to
compile from hand a number a packages to get this to work, so this does
not look to bad.
Peter
Stephen Hooper wrote:
> I have never tried autofs with TLS, or LDAP, so I am not sure if any
> of that is valid:
>
> Maybe you could try "autofs-ldap" as a package?
>
> I know on Gentoo, compilation options must be given to get autofs to
> feed off of LDAP.
>
> You may also find this to be more helpful. It speaks of a TLS patch:
>
> http://www.timof.qipc.org/autofs/index.html
>
> I think from the brief browsing that I just did, that the problem may
> not be autofs, but glibc, which seems may not have extended the NSS
> functionality to automount retrieval.
>
>
> On 9/24/06, Peter Merritt <pwmerritt at weirdwater.org> wrote:
>
>> I have setup kerberos + ldap to do authentication on my local network,
>> working toward the day when I can eliminate my active directory setup.
>> I'm using it in conjunction with nfsv4/kerberos. I have all the clients
>> using tls to encrypt the the ldap conversations with the exception of
>> automounting. I just can't get it to use tls, I was under the impression
>> that autofs just uses nss. I searched on this but found very little
>> info, basically on ancient reference to autofs not working with tls. Any
>> insight on this would be appreciated, and if it's just not possible got
>> any ideas for work arounds. The only choice I can see now is stunnel to
>> wrap ldap, but this adds more complexity. Thanks In advance.
>> Peter
>>
>> _______________________________________________
>> Tucson Free Unix Group - tfug at tfug.org
>> Subscription Options:
>> http://www.tfug.org/mailman/listinfo/tfug_tfug.org
>>
>>
>
> _______________________________________________
> Tucson Free Unix Group - tfug at tfug.org
> Subscription Options:
> http://www.tfug.org/mailman/listinfo/tfug_tfug.org
>
More information about the tfug
mailing list