Bear with me, even though this next paragraph contains Unix stuff, it's just for background, this is actually a Windows-only question. ;)
We're a software development shop that creates software for both Windows and various Unix flavors, as such we rely on an integration from our Unix systems to our Active Directory infrastructure (2012 R2). We have been using NIS, and over the years it's worked sufficiently well. However, we're making the move to LDAP primarily for network security reasons. In my adventures I've found Microsoft's AD contains an implementation of RFC 2307 "Using LDAP as NIS", but it doesn't implement RFC 2307bis which additionally contains some objects and attributes specifically for Unix automount. I have modified our AD with those extra 'bis' objects and attributes, and added the AD content as required for automounts.
However, when a do a lookup for one of these objects I receive a 'not found' even though it is really there (. (e.g. "automountMapName=auto_master,OU=Posix,DC=domain,DC=com"). A tree search shows they're in there as does ADSI edit. I've tried a few different methods for the lookup from both the Windows and Unix sides with the same result. So it would appear the problem is in my AD and not the applications I'm using to do the lookup.
I tried poking around the Interweb and I found that what I was likely missing was defining the automountMapName (on the automountMap object) as an index value. I have since specified it as an index attribute in the AD schema tool. However, no change.
So my question is, do I need to rebuild the AD indices after specifying a new attribute as an index? If so, how? Or am I just wandering down the wrong path here?
Thanks,
-Mike
