On 2012-08-27, at 12:49 PM, steve wrote: > BTW, does mounting with Kerberized nfs3 work? It may help narrow down > the problem.
Hmm, I wasn't even aware that was possible. I just tried this and wound up with the same rpc.gssd error: > WARNING: Failed to create krb5 context for user with uid 56055 for server > nfsserver.example.com On 2012-08-27, at 2:51 PM, Nico Williams wrote: > Did you setup the SPNs in AD properly? I believe so, but I would be delighted to hear of anything I could correct. # net ads join createupn="nfs/[email protected]" createcomputer="OU" -U $BINDUSER%$BINDPASSWD # net ads keytab add nfs After these two steps, here's how the servicePrincipalName attribute for the NFSSERVER$ computer object looks in our Win2K8 R2 AD: HOST/NFSSERVER HOST/nfsserver.example.com NFS/nfsserver NFS/nfsserver.example.com NFS/NFSSERVER.EXAMPLE.COM/nfsserver NFS/NFSSERVER.EXAMPLE.COM/nfsserver.example.com Looks the same for nfsclient.example.com. Does that look right? Many thanks, -- Derek Warren, IT Services, Research Computing Group, Simon Fraser University ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
