authorJakub Hrozek <jhrozek@redhat.com>2015-11-19 10:40:39 +0100
committerJakub Hrozek <jhrozek@redhat.com>2016-07-06 17:05:51 +0200
commit999d6066c7a96f102b692d31435d76114478e874 (patch)
tree501980eea5f120b3efdef8b5604689530ed26c3b /src/providers/ldap
parentb6cd138f1e444d73295d3d3869de2dc4194f1742 (diff)
LDAP: Change the default rfc2307 autofs attribute mappings
Resolves: https://fedorahosted.org/sssd/ticket/2858 The default attribute mappings we used to have: ldap_autofs_map_object_class automountMap ldap_autofs_map_name ou ldap_autofs_entry_object_class automount ldap_autofs_entry_key cn ldap_autofs_entry_value automountInformation were wrong. Instead, this patch switches to: ldap_autofs_map_object_class nisMap ldap_autofs_map_name nisMapName ldap_autofs_entry_object_class nisObject ldap_autofs_entry_key cn ldap_autofs_entry_value nisMapEntry which are attributes that are available with servers running the default rfc2307 schema. In addition, this patch adds a syslog and DEBUG message that warns administrators to double-check their configuration. We don't warn when the autofs provider is set to AD, because that one is already correct. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Diffstat (limited to 'src/providers/ldap')
-rw-r--r--src/providers/ldap/ldap_options.c66
-rw-r--r--src/providers/ldap/ldap_opts.c8
2 files changed, 70 insertions, 4 deletions
diff --git a/src/providers/ldap/ldap_options.c b/src/providers/ldap/ldap_options.c
index 1180925d6..018f6c31f 100644
--- a/src/providers/ldap/ldap_options.c
+++ b/src/providers/ldap/ldap_options.c
@@ -406,6 +406,58 @@ int ldap_get_sudo_options(struct confdb_ctx *cdb,
return EOK;
}
+static bool has_defaults(struct confdb_ctx *cdb,
+ const char *conf_path,
+ const char *attrs[])
+{
+ errno_t ret;
+ TALLOC_CTX *tmp_ctx;
+ char *val;
+ bool found_default = false;
+ tmp_ctx = talloc_new(NULL);
+
+ if (tmp_ctx == NULL) {
+ return false;
+ }
+
+ for (size_t i = 0; attrs[i] != NULL; i++) {
+ ret = confdb_get_string(cdb, tmp_ctx, conf_path,
+ attrs[i], NULL, &val);
+ if (ret != EOK) {
+ continue;
+ }
+
+ if (val == NULL) {
+ found_default = true;
+ break;
+ }
+ }
+
+ talloc_free(tmp_ctx);
+ return found_default;
+}
+
+/* Return true if rfc2307 schema is used and all autofs options use
+ * defaults. Should be removed in future, see
+ * https://fedorahosted.org/sssd/ticket/2858
+ */
+static bool ldap_rfc2307_autofs_defaults(struct confdb_ctx *cdb,
+ const char *conf_path)
+{
+ const char *attrs[] = {
+ rfc2307_autofs_entry_map[SDAP_OC_AUTOFS_ENTRY].opt_name,
+ /* SDAP_AT_AUTOFS_ENTRY_KEY missing on purpose, its value was
+ * the same between the wrong and correct schema
+ */
+ rfc2307_autofs_entry_map[SDAP_AT_AUTOFS_ENTRY_VALUE].opt_name,
+ rfc2307_autofs_mobject_map[SDAP_OC_AUTOFS_MAP].opt_name,
+ rfc2307_autofs_mobject_map[SDAP_AT_AUTOFS_MAP_NAME].opt_name,
+ NULL,
+ };
+
+ return has_defaults(cdb, conf_path, attrs);
+}
+
int ldap_get_autofs_options(TALLOC_CTX *memctx,
struct confdb_ctx *cdb,
const char *conf_path,
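Review bot: The comment above ldap_rfc2307_autofs_defaults says it returns true when the rfc2307 schema is used and all autofs options use defaults, but the code does neither: has_defaults breaks and returns true at the first option whose confdb value is NULL (any one unset), and the schema check lives in the caller. If the any-unset trigger is intended, the comment should say so, for example `/* Return true if any rfc2307 autofs mapping whose default changed is left unset in confdb. */`. has_defaults has no comment of its own; it should state that a talloc_new failure or a confdb_get_string error is treated as "not a default", so in those cases the administrator warning is silently skipped. If that is not the desired outcome, logging the failing `ret` before `continue` would make the skipped check visible.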
@@ -438,6 +490,20 @@ int ldap_get_autofs_options(TALLOC_CTX *memctx,
"connecting to the LDAP server.\n");
}
+ if (opts->schema_type == SDAP_SCHEMA_RFC2307 &&
+ ldap_rfc2307_autofs_defaults(cdb, conf_path) == true) {
+ DEBUG(SSSDBG_IMPORTANT_INFO,
+ "Your configuration uses the autofs provider "
+ "with schema set to rfc2307 and default attribute mappings. "
+ "The default map has changed in this release, please make "
+ "sure the configuration matches the server attributes.\n");
+ sss_log(SSS_LOG_NOTICE,
+ _("Your configuration uses the autofs provider "
+ "with schema set to rfc2307 and default attribute mappings. "
+ "The default map has changed in this release, please make "
+ "sure the configuration matches the server attributes.\n"));
+ }
+
ret = sdap_parse_search_base(opts, opts->basic,
SDAP_AUTOFS_SEARCH_BASE,
&opts->sdom->autofs_search_bases);
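Review bot: The warning added here tells the administrator that "the default map has changed" but does not name the affected options, so the message alone gives no hint of what to compare against the server. Listing the option names that ldap_rfc2307_autofs_defaults inspects (`ldap_autofs_map_object_class`, `ldap_autofs_map_name`, `ldap_autofs_entry_object_class`, `ldap_autofs_entry_value`) in the text would make it actionable. The same literal is written out twice, once for DEBUG and once for sss_log, so the two copies can drift apart; a single macro holding the string would avoid that. The `== true` comparison on a bool is redundant and could be dropped. ldap_get_autofs_options begins and ends outside this hunk.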
diff --git a/src/providers/ldap/ldap_opts.c b/src/providers/ldap/ldap_opts.c
index ff9bf0d8b..524579d4f 100644
--- a/src/providers/ldap/ldap_opts.c
+++ b/src/providers/ldap/ldap_opts.c
@@ -349,15 +349,15 @@ struct sdap_attr_map service_map[] = {
};
struct sdap_attr_map rfc2307_autofs_mobject_map[] = {
- { "ldap_autofs_map_object_class", "automountMap", SYSDB_AUTOFS_MAP_OC, NULL },
- { "ldap_autofs_map_name", "ou", SYSDB_AUTOFS_MAP_NAME, NULL },
+ { "ldap_autofs_map_object_class", "nisMap", SYSDB_AUTOFS_MAP_OC, NULL },
+ { "ldap_autofs_map_name", "nisMapName", SYSDB_AUTOFS_MAP_NAME, NULL },
SDAP_ATTR_MAP_TERMINATOR
};
struct sdap_attr_map rfc2307_autofs_entry_map[] = {
- { "ldap_autofs_entry_object_class", "automount", SYSDB_AUTOFS_ENTRY_OC, NULL },
+ { "ldap_autofs_entry_object_class", "nisObject", SYSDB_AUTOFS_ENTRY_OC, NULL },
{ "ldap_autofs_entry_key", "cn", SYSDB_AUTOFS_ENTRY_KEY, NULL },
- { "ldap_autofs_entry_value", "automountInformation", SYSDB_AUTOFS_ENTRY_VALUE, NULL },
+ { "ldap_autofs_entry_value", "nisMapEntry", SYSDB_AUTOFS_ENTRY_VALUE, NULL },
SDAP_ATTR_MAP_TERMINATOR
};
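Review bot: Nothing next to the two rfc2307 autofs tables records that these defaults differ from what earlier releases shipped, and the code that warns about the change sits in a different file. A short comment above `rfc2307_autofs_mobject_map` would tie the two together, for example `/* Defaults follow the rfc2307 NIS schema; older releases defaulted to the automount* names, see https://fedorahosted.org/sssd/ticket/2858 */`. The diffstat shown is limited to src/providers/ldap, so whether the option documentation was updated for the new defaults cannot be confirmed from this page and is worth checking.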