[Freeipa-users] FreeIPA NFS4 Kerberos and Autofs Errors mounting user home directories

[Kofi ANSA AKUFO via FreeIPA-users]

Dear All

I am having difficulty getting freeipa server (centos 7..3) and clients
(centos7.3 and debian 9) to working.

Scenario
ipasvr2.inetcom.lan (centos7.3 hosting freeipa server)
nfs2.inetcom.lan (centos 7.3 freeipa client also running nfs server)
vpn.inetcom.lan (debian 9 freeipa client hosting open vpn)

Clients are are to realm and I cal acquire and list tickets on both clients
and server.

The issue is userdirs mapping is not working when user logs into the
ipasvr2 or vpn hosts. They are able to login but their userdirs are not
mapped. However the directories are mounted when they login to the nfs2
host. Below are the logs from /var/log/krb5kdc.log

Aug 26 03:14:24 ipasvr2.inetcom.lan krb5kdc[2454](info): closing down fd 12
Aug 26 03:14:24 ipasvr2.inetcom.lan krb5kdc[2453](info): TGS_REQ (3 etypes
{18 1 23}) 10.7.7.4: ISSUE: authtime 1503717264, etypes {rep=18 tkt=18
ses=18}, host/ipasvr2.inetcom....@inetcom.lan for
ldap/ipasvr2.inetcom....@inetcom.lan
Aug 26 03:14:24 ipasvr2.inetcom.lan krb5kdc[2453](info): closing down fd 12
Aug 26 03:14:38 ipasvr2.inetcom.lan krb5kdc[2456](info): AS_REQ (3 etypes
{18 1 23}) 10.7.7.8: NEEDED_PREAUTH: host/nfs2.inetcom....@inetcom.lan for
krbtgt/inetcom....@inetcom.lan, Additional pre-authentication required
Aug 26 03:14:38 ipasvr2.inetcom.lan krb5kdc[2456](info): closing down fd 12
Aug 26 03:14:38 ipasvr2.inetcom.lan krb5kdc[2454](info): AS_REQ (3 etypes
{18 1 23}) 10.7.7.8: ISSUE: authtime 1503717278, etypes {rep=18 tkt=18
ses=18}, host/nfs2.inetcom....@inetcom.lan for
krbtgt/inetcom....@inetcom.lan
Aug 26 03:14:38 ipasvr2.inetcom.lan krb5kdc[2454](info): closing down fd 12
Aug 26 03:14:38 ipasvr2.inetcom.lan krb5kdc[2455](info): TGS_REQ (3 etypes
{18 1 23}) 10.7.7.8: ISSUE: authtime 1503717278, etypes {rep=18 tkt=18
ses=18}, host/nfs2.inetcom....@inetcom.lan for
ldap/ipasvr2.inetcom....@inetcom.lan
Aug 26 03:14:38 ipasvr2.inetcom.lan krb5kdc[2455](info): closing down fd 12

and this from /var/log/messages

Aug 26 03:18:41 ipasvr2 automount[1228]: handle_packet_missing_indirect:
token 93, name admin, request pid 3113
Aug 26 03:18:41 ipasvr2 automount[1228]: dev_ioctl_send_fail: token = 93
Aug 26 03:18:41 ipasvr2 automount[1228]: handle_packet: type = 3
Aug 26 03:18:41 ipasvr2 automount[1228]: handle_packet_missing_indirect:
token 94, name admin, request pid 3113
Aug 26 03:18:41 ipasvr2 automount[1228]: dev_ioctl_send_fail: token = 94

Freeipa version 4.4.0

grateful to assist to resolve issue.

cheers

_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org