3
This files contains a single entry with multiple attributes tied to it.
6
usetls - Determines whether an encrypted connection to the ldap server
7
should be attempted. Legal values for the entry are:
11
tlsrequired - This flag tells whether the ldap connection must be
12
encrypted. If set to "yes", the automounter will fail to start
13
if an encrypted connection cannot be established. Legal values
14
for this option include:
18
authrequired - This option tells whether an authenticated connection to
19
the ldap server is required in order to perform ldap queries.
20
If the flag is set to yes, only sasl authenticated connections
21
will be allowed. If it is set to no then authentication is not
22
needed for ldap server connections. If it is set to autodetect
23
then the ldap server will be queried to establish a suitable sasl
24
authentication mechanism. If no suitable mechanism can be found,
25
connections to the ldap server are made without authentication.
26
Finally, if it is set to simple, then simple authentication will
27
be used instead of SASL.
34
authtype - This attribute can be used to specify a preferred
35
authentication mechanism. In normal operations, the
36
automounter will attempt to authenticate to the ldap server
37
using the list of supportedSASLmechanisms obtained from the
38
directory server. Explicitly setting the authtype will bypass
39
this selection and only try the mechanism specified. Legal
40
values for this attribute include:
47
user - This attribute holds the authentication identity used by
48
authentication mechanisms that require it. Legal values for
49
this attribute include any printable characters that can be
50
used by the selected authentication mechanism.
52
secret - This attribute holds the secret used by authentication
53
mechanisms that require it. Legal values for this attribute
54
include any printable characters that can be used by the
55
selected authentication mechanism.
57
clientprinc - When using GSSAPI authentication, this attribute is
58
consulted to determine the principal name to use when
59
authenticating to the directory server. By default, this will
60
be set to "autofsclient/<fqdn>@<REALM>.
62
credentialcache - When using GSSAPI authentication, this attribute
63
can be used to specify an externally configured credential
64
cache that is used during authentication. By default, autofs
65
will setup a memory based credential cache.
68
<autofs_ldap_sasl_conf