Automount and LDAP on Mac OSX

From ‘Leopard’ onwards, OSX supports the standard autofs method for mounting remote filesystems automatically. Specifically, a user's home directory may be automounted on logon using attributes provided by the LDAP server. To enable this, the necessary schema entries must be added to the apple.schema file, if this has not already been done.

Updating LDAP

attributetype ( 1.3.6.1.1.1.1.31 NAME 'automountMapName'
    DESC 'automount Map Name'
    EQUALITY caseExactMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
    SINGLE-VALUE )

attributetype ( 1.3.6.1.1.1.1.32 NAME 'automountKey'
    DESC 'Automount Key value'
    EQUALITY caseExactMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
    SINGLE-VALUE )

attributetype ( 1.3.6.1.1.1.1.33 NAME 'automountInformation'
    DESC 'Automount information'
    EQUALITY caseExactMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
    SINGLE-VALUE )

objectclass ( 1.3.6.1.1.1.2.16 NAME 'automountMap'
    SUP top STRUCTURAL
    MUST ( automountMapName )
    MAY description )

objectclass ( 1.3.6.1.1.1.2.17 NAME 'automount'
    SUP top STRUCTURAL
    DESC 'Automount'
    MUST ( automountKey $ automountInformation )
    MAY description )

Additional entries are then added to the Mac OSX configuration OU in the LDAP directory. First create the mapping container:

dn: cn=automountMap,ou=macosx,dc=example,dc=co,dc=uk
cn: automountMap
objectClass: container

Now create a master mapping:

dn: automountMapName=auto_master,dc=example,dc=co,dc=uk
objectClass: top
objectClass: automountMap
automountMapName: auto_master

and a mapping for home directories:

dn: automountMapName=auto_home,dc=example,dc=co,dc=uk
objectClass: top
objectClass: automountMap
automountMapName: auto_home

Finally the automount key specifying the path:

dn: automountKey=/home,automountMapName=auto_master,dc=example,dc=co,dc=uk
objectClass: top
objectClass: automount
automountKey: /home
automountInformation: auto_home
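
The check below is an added example, not part of the original article: it lints the map entries above against the MUST attributes of the automountMap and automount object classes, and flags any auto_master key that names a map with no entry, before the LDIF is loaded into the directory. The function names and the simplified LDIF parser (no base64 values, no folded lines) are assumptions of the example.

```python
# Added example, not the page's code. MUST lists mirror the schema above.
MUST = {"automountmap": ["automountMapName"],
        "automount": ["automountKey", "automountInformation"]}

# Entries from this page, embedded so the check runs offline.
PAGE_LDIF = """\
dn: automountMapName=auto_master,dc=example,dc=co,dc=uk
objectClass: top
objectClass: automountMap
automountMapName: auto_master

dn: automountMapName=auto_home,dc=example,dc=co,dc=uk
objectClass: top
objectClass: automountMap
automountMapName: auto_home

dn: automountKey=/home,automountMapName=auto_master,dc=example,dc=co,dc=uk
objectClass: top
objectClass: automount
automountKey: /home
automountInformation: auto_home
"""

def parse_ldif(text):
    """Parse simple LDIF (no base64 values, no folded lines) into dicts."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            attr, sep, value = line.partition(":")
            if sep and not line.startswith("#"):
                entry.setdefault(attr.strip().lower(), []).append(value.strip())
        entries.append(entry)
    return [e for e in entries if e]

def lint(entries):
    """Return problems: missing MUST attributes, auto_master keys naming undefined maps."""
    problems = []
    maps = {v for e in entries for v in e.get("automountmapname", [])}
    for e in entries:
        dn = e.get("dn", ["<no dn>"])[0]
        for oc in e.get("objectclass", []):
            missing = [a for a in MUST.get(oc.lower(), []) if a.lower() not in e]
            problems += [f"{dn}: {oc} requires {a}" for a in missing]
        if "automountmapname=auto_master" in dn.lower():
            for info in e.get("automountinformation", []):
                target = (info.split() or ["-"])[0]  # first token is the map name
                if not target.startswith("-") and target not in maps:  # "-hosts" etc. are built in
                    problems.append(f"{dn}: map {target} is not defined")
    return problems
```

Calling lint(parse_ldif(PAGE_LDIF)) returns an empty list for the entries shown on this page.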

Configuring the Client Mac

The default configuration should be sufficient here. In /etc/auto_master the line

+auto_master

tells OSX to look to the directory server for mapping information. Similarly in /etc/auto_home

+auto_home

tells OSX to look to the directory server for the details of mounting the user's home directory. After updating these files, ask autofs to reread them using

sudo automount -vc

Next time a user logs on to a Mac authenticating against LDAP, the user's home directory should be automatically mounted under /home.

Article last modified on January 26, 2014 at 3:41 pm.
