On 27/08/12 18:32, Derek Warren wrote:
> Okay, since (quite understandably) nobody wants to touch my earlier
> NFSv4/AD/Kerberos question, here's a simple one:
>
> 2) Why would rpc.gssd on the client be unsuccessful in creating a
> Kerberos context?
For us, nfs4 with a Samba4 AD, gssd fails when it can't find e.g. a
machine key in (by default) /etc/krb5.keytab
It doesn't necessarily need a nfs/hostname key, any one of these work:
<HOSTNAME>$@<REALM>
root/<hostname>@<REALM>
nfs/<hostname>@<REALM>
host/<hostname>@<REALM>
root/<anyname>@<REALM>
nfs/<anyname>@<REALM>
host/<anyname>@<REALM>
HTH
Steve
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
