On 01/09/2017 09:52 AM, Charles Hedrick wrote: > Various documentation suggests that it is possible for Gssproxy to get > tickets for users who need to use NFS. This is a possible way to handle > things like cron jobs. > > However while a gssproxy.conf example is given, there’s no sign of what needs > to be done in freeipa to authorize it. I tried following instructions for > LDAP access, but it doesn’t work. NFS seems to use a different, two-stage > method for getting credentials, so that’s not a surprise. There are, not > surprisingly, no useful error messages even with logging turned all the way > up. > >
I'm interested in this as well. All I've been able to find so far is: https://vda.li/en/posts/2013/07/29/Setting-up-S4U2Proxy-with-FreeIPA/ haven't tried anything. -- Orion Poplawski Technical Manager 720-772-5637 NWRA, Boulder/CoRA Office FAX: 303-415-9702 3380 Mitchell Lane [email protected] Boulder, CO 80301 http://www.nwra.com -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
