On 27/08/12 20:59, Derek Warren wrote: > Thank you for the insightful responses, Russ, Nico and Steve. >
> > > On 2012-08-27, at 10:59 AM, [email protected] wrote: >> For us, nfs4 with a Samba4 AD, gssd fails when it can't find e.g. a >> machine key in (by default) /etc/krb5.keytab > > Thank you, Steve. My previous diatribe shows that _all_ of those > principals are present in /etc/krb5.keytab on the NFS server and client. > > Interesting that the only obvious differences here are that your setup > works and doesn't contain any Microsoft products... > > Are you using Samba4 to do AD<->UID/GID mapping as well? > Hi Yes. All our rfc2307 comes from Samba4 but I think 2008r2 should work too because we use the same schema. We pull uidNumber:gidNumber on both the DC and the Linux clients using nss-pam-ldapd. BTW, does mounting with Kerberized nfs3 work? It may help narrow down the problem. Cheers, Steve ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
