Re: [Freeipa-users] Kerberized NFS with Synology NAS

2015-08-20 Thread Alexander Bokovoy
On Thu, 20 Aug 2015, Roberto Cornacchia wrote: I had Synology support inspect my configuration. They said that the authorization for the mapping looks for attribute GSSAuthName in LDAP, but doesn't find it. Therefore, they fall back to mapping it to nobody. Does this make sense to you? Is it

Re: [Freeipa-users] Kerberized NFS with Synology NAS

2015-08-20 Thread Roberto Cornacchia
I had Synology support inspect my configuration. They said that the authorization for the mapping looks for attribute GSSAuthName in LDAP, but doesn't find it. Therefore, they fall back to mapping it to nobody. Does this make sense to you? Is it true that GSSAuthName attribute isn't there? On

Re: [Freeipa-users] Kerberized NFS with Synology NAS

2015-08-20 Thread Roberto Cornacchia
Thanks Alexander, That's the confirmation I was looking for. Indeed the Synology guy admitted it was their limitation. I have already made a feature request for SSSD. I guess for now I will just get it running with sec=sys. Best regards, Roberto On 20 August 2015 at 11:32, Alexander Bokovoy

Re: [Freeipa-users] Kerberized NFS with Synology NAS

2015-08-13 Thread Roberto Cornacchia
After some more investigation, I feel the problem I described can be considered off topic, sorry about that. Initially I had the impression it could have been more freeIPA-related. It is sometimes difficult to tell whether the issue would show up regardless of using freeIPA or not. Should anyone

Re: [Freeipa-users] Kerberized NFS with Synology NAS

2015-08-13 Thread Alexander Bokovoy
On Thu, 13 Aug 2015, Roberto Cornacchia wrote: After some more investigation, I feel the problem I described can be considered off topic, sorry about that. Initially I had the impression it could have been more freeIPA-related. It is sometimes difficult to tell whether the issue would show up

Re: [Freeipa-users] Kerberized NFS with Synology NAS

2015-08-12 Thread Roberto Cornacchia
I have used RPCGSSDARGS=-vvv RPCSVCGSSDARGS=-vvv in /etc/sysconfig/nfs, as suggested in http://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA_Guide/Installing_the_IPA_Client_on_Linux.html In the excerpt below, taken during the mount, meson is the client, spinque03 is the nfs server

Re: [Freeipa-users] Kerberized NFS with Synology NAS

2015-08-12 Thread Roberto Cornacchia
Enabled verbose output for rpc.idmapd as well, and now I see: nfsidmap[5034]: nss_getpwnam: name 'test1_l@localdomain' does not map into domain 'hq.spinque.com' On 12 August 2015 at 12:28, Roberto Cornacchia roberto.cornacc...@gmail.com wrote: I have used RPCGSSDARGS=-vvv

[Freeipa-users] Kerberized NFS with Synology NAS

2015-08-11 Thread Roberto Cornacchia
Hi, I am trying to use a Synology NAS station in my FreeIPA domain to host automounted home directories (not created automatically for now). I got almost everything working, but I seem to have a problem with kerberized nfs. The NAS logs in the LDAP domain and seems happy with the kerberos