Thanks for that really useful hint, a very preliminary test indicates that that works, both for systems that have automount: sss
and automount: ldap
in /etc/nsswitch.conf
getent automount ....
doesn’t work, because automount is not one of the services recognised by glibc. Insteasd autofs reads /etc/nsswitch.conf directly. From nsswitch.conf(5):
The GNU C Library ignores databases with unknown names.
Some applications use this to implement special handling for their own
databases.
However, it is easy to test the map by invoking automount -fv auto2.master
and checking in another shell that the remote filesystem is mounted correctly on demand.
So, I guess that the use of explicit LDAP syntax for the indirect map name is interpreted by sssd as a hint to not resolve the map by using LDAP internally. This form of the automount maps was generated originally by YaST on an old install of SLES before sssd came into the mix, so it looks like it is time for some tidying up.
I need to do some more testing, but maybe tomorrow I can mark this as solved. Thanks again!