Re: [Freeipa-users] Steps for automount
Adding below mail: [root@server2 home]# ssh jmantilla@desktop2 jmantilla@desktop2's password: Creating home directory for jmantilla. Last login: Sat Mar 28 11:05:48 2015 from server2.example.com Could not chdir to home directory /home/remoteusers/jmantilla: No such file or directory -sh-4.1$ pwd / [root@server2 home]# getent passwd jmantilla jmantilla:*:6001:6001:Jose Mantilla:/home/remoteusers/jmantilla:/bin/sh Service nfs is running Service autofs is stopped What can I do? [image: Verificacion de certificado] https://www.redhat.com/wapps/training/certification/verify.html?certNumber=130-191-612isSearch=Falseverify=Verify Click to verify *Ing. José Luis Mantilla G.*Red Hat Certified Instructor / Examiner RHEL *6, 7*RHCE - RHCV - RHCI - RHCX - RHCSA Developer PHP, Member TeamQA Centos Cell phone: (1) 832-908-6210 Public GPG Key = FC3B3963 http://pool.sks-keyservers.net/pks/lookup?op=getsearch=0x94DA057CFC3B3963 United States - Houston Texas -2015 On Sat, Mar 28, 2015 at 10:19 AM, Jose Luis Mantilla joseluismanti...@gmail.com wrote: Can someone help me please? I would like that anyone write the steps only with 2 machines (server ipa with nfs, and ipa client), I executed the guide but isn't make it, I think that need some steps!!. There are 2 machines, server2.example.com (with ipa server and NFS) and desktop2.example.com (only with ipa-client) My steps: Server After install ipa-server. 1) Add service with web UI 2) Add automount location with Location=test key=/jmantilla description=-ro,soft,server2.example.com: /home/remoteusers/jmantilla User=jmantilla Home directory=/home/remoteusers/jmantilla Configuring automount on server system --Auto.master /home/remoteusers /etc/auto.ipa --auto.ipa jmantilla -rw server2.example.com:/home/remoteusers/jmantilla After #kinit admin I don't need to run: #ipa-getkeytab -s server2.example.com -p nfs/server2.example.com -k /etc/krb5.keytab #ipa-getkeytab -s server2.example.com -p nfs/server2.example.com -k /root/nfs-client.keytab #( echo rkt /root/nfs-client.keytab; echo wkt /etc/krb5.keytab) |ktutil My server and client and in an IPA domain, the keytabs should only be generated to /etc/krb5.keytab on the IPA server. (Ipa domain) Verifying [root@server2 ~]# ipa service-show nfs/server2.example.com Principal: nfs/server2.example@example.com Keytab: True Managed by: server2.example.com Client #kinit admin #ipa-client-automount --location=test #ipa-getkeytab -s server2.example.com -p nfs/server2.example.com -k /etc/krb5.keytab #ipa-getkeytab -s server2.example.com -p nfs/server2.example.com -k /tmp/nfs.keytab #( echo rkt /tmp/nfs.keytab; echo wkt /etc/krb5.keytab) |ktutil #service rpcgssd start #/etc/init.d/rpcbind restart #/etc/init.d/rpcidmapd restart #authconfig --update --enablesssd --enablesssdauth --enablemkhomedir #/etc/init.d/sshd restart #vim /etc/sssd/sssd.conf ... [domain/EXAMPLE.COM] ... krb5_renewable_lifetime = 50d krb5_renew_interavl = 3600 #/etc/init.d/sssd restart Testing [root@server2 ~]# ssh cboyle@desktop2 cboyle@desktop2's password: Last login: Tue Mar 17 21:13:49 2015 from server2.example.com -sh-4.1$ And nothing!! (what happened) What I need to do it? Thanks [image: Verificacion de certificado] https://www.redhat.com/wapps/training/certification/verify.html?certNumber=130-191-612isSearch=Falseverify=Verify Click to verify *Ing. José Luis Mantilla G.*Red Hat Certified Instructor / Examiner RHEL *6, 7*RHCE - RHCV - RHCI - RHCX - RHCSA Developer PHP, Member TeamQA Centos Cell phone: (1) 832-908-6210 Public GPG Key = FC3B3963 http://pool.sks-keyservers.net/pks/lookup?op=getsearch=0x94DA057CFC3B3963 United States - Houston Texas -2015 -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
[Freeipa-users] Steps for automount
Can someone help me please? I would like that anyone write the steps only with 2 machines (server ipa with nfs, and ipa client), I executed the guide but isn't make it, I think that need some steps!!. There are 2 machines, server2.example.com (with ipa server and NFS) and desktop2.example.com (only with ipa-client) My steps: Server After install ipa-server. 1) Add service with web UI 2) Add automount location with Location=test key=/jmantilla description=-ro,soft,server2.example.com: /home/remoteusers/jmantilla User=jmantilla Home directory=/home/remoteusers/jmantilla Configuring automount on server system --Auto.master /home/remoteusers /etc/auto.ipa --auto.ipa jmantilla -rw server2.example.com:/home/remoteusers/jmantilla After #kinit admin I don't need to run: #ipa-getkeytab -s server2.example.com -p nfs/server2.example.com -k /etc/krb5.keytab #ipa-getkeytab -s server2.example.com -p nfs/server2.example.com -k /root/nfs-client.keytab #( echo rkt /root/nfs-client.keytab; echo wkt /etc/krb5.keytab) |ktutil My server and client and in an IPA domain, the keytabs should only be generated to /etc/krb5.keytab on the IPA server. (Ipa domain) Verifying [root@server2 ~]# ipa service-show nfs/server2.example.com Principal: nfs/server2.example@example.com Keytab: True Managed by: server2.example.com Client #kinit admin #ipa-client-automount --location=test #ipa-getkeytab -s server2.example.com -p nfs/server2.example.com -k /etc/krb5.keytab #ipa-getkeytab -s server2.example.com -p nfs/server2.example.com -k /tmp/nfs.keytab #( echo rkt /tmp/nfs.keytab; echo wkt /etc/krb5.keytab) |ktutil #service rpcgssd start #/etc/init.d/rpcbind restart #/etc/init.d/rpcidmapd restart #authconfig --update --enablesssd --enablesssdauth --enablemkhomedir #/etc/init.d/sshd restart #vim /etc/sssd/sssd.conf ... [domain/EXAMPLE.COM] ... krb5_renewable_lifetime = 50d krb5_renew_interavl = 3600 #/etc/init.d/sssd restart Testing [root@server2 ~]# ssh cboyle@desktop2 cboyle@desktop2's password: Last login: Tue Mar 17 21:13:49 2015 from server2.example.com -sh-4.1$ And nothing!! (what happened) What I need to do it? Thanks [image: Verificacion de certificado] https://www.redhat.com/wapps/training/certification/verify.html?certNumber=130-191-612isSearch=Falseverify=Verify Click to verify *Ing. José Luis Mantilla G.*Red Hat Certified Instructor / Examiner RHEL *6, 7*RHCE - RHCV - RHCI - RHCX - RHCSA Developer PHP, Member TeamQA Centos Cell phone: (1) 832-908-6210 Public GPG Key = FC3B3963 http://pool.sks-keyservers.net/pks/lookup?op=getsearch=0x94DA057CFC3B3963 United States - Houston Texas -2015 -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] Steps for automount
On 03/28/2015 12:22 PM, Jose Luis Mantilla wrote: Adding below mail: [root@server2 home]# ssh jmantilla@desktop2 jmantilla@desktop2's password: Creating home directory for jmantilla. Last login: Sat Mar 28 11:05:48 2015 from server2.example.com http://server2.example.com Could not chdir to home directory /home/remoteusers/jmantilla: No such file or directory -sh-4.1$ pwd / [root@server2 home]# getent passwd jmantilla jmantilla:*:6001:6001:Jose Mantilla:/home/remoteusers/jmantilla:/bin/sh Service nfs is running Service autofs is stopped What can I do? Why are you trying to do it manually? Steps: Install the server. Configure your NFS server. Do you plan to use Kerberos authentication for automount? If so then you need to issue keytab for the NFS principal for NFS server. NFS principal/keytab is not not needed on the client, client uses host keytab. So on the client install the client using ipa-client-install, then you can configure automount on it. Freeipa.org is down at the moment but when it is back i nthe morning please check HOWTOs there, I recall there wore instructions about NFS. **Verificacion de certificado https://www.redhat.com/wapps/training/certification/verify.html?certNumber=130-191-612isSearch=Falseverify=Verify Click to verify ** *Ing. José Luis Mantilla G. *Red Hat Certified Instructor / Examiner RHEL***6, 7 *RHCE - RHCV - RHCI - RHCX - RHCSA* *Developer PHP, Member TeamQA Centos* *Cell phone: (1) 832-908-6210 Public GPG Key = FC3B3963 http://pool.sks-keyservers.net/pks/lookup?op=getsearch=0x94DA057CFC3B3963 United States - Houston Texas -2015 On Sat, Mar 28, 2015 at 10:19 AM, Jose Luis Mantilla joseluismanti...@gmail.com mailto:joseluismanti...@gmail.com wrote: Can someone help me please? I would like that anyone write the steps only with 2 machines (server ipa with nfs, and ipa client), I executed the guide but isn't make it, I think that need some steps!!. There are 2 machines, server2.example.com http://server2.example.com (with ipa server and NFS) and desktop2.example.com http://desktop2.example.com (only with ipa-client) My steps: Server After install ipa-server. 1) Add service with web UI 2) Add automount location with Location=test key=/jmantilla description=-ro,soft,server2.example.com:/home/remoteusers/jmantilla User=jmantilla Home directory=/home/remoteusers/jmantilla Configuring automount on server system --Auto.master /home/remoteusers /etc/auto.ipa --auto.ipa jmantilla -rw server2.example.com:/home/remoteusers/jmantilla After #kinit admin I don't need to run: #ipa-getkeytab -s server2.example.com http://server2.example.com -p nfs/server2.example.com http://server2.example.com -k /etc/krb5.keytab #ipa-getkeytab -s server2.example.com http://server2.example.com -p nfs/server2.example.com http://server2.example.com -k /root/nfs-client.keytab #( echo rkt /root/nfs-client.keytab; echo wkt /etc/krb5.keytab) |ktutil My server and client and in an IPA domain, the keytabs should only be generated to /etc/krb5.keytab on the IPA server. (Ipa domain) Verifying [root@server2 ~]# ipa service-show nfs/server2.example.com http://server2.example.com Principal: nfs/server2.example@example.com mailto:server2.example@example.com Keytab: True Managed by: server2.example.com http://server2.example.com Client #kinit admin #ipa-client-automount --location=test #ipa-getkeytab -s server2.example.com http://server2.example.com -p nfs/server2.example.com http://server2.example.com -k /etc/krb5.keytab #ipa-getkeytab -s server2.example.com http://server2.example.com -p nfs/server2.example.com http://server2.example.com -k /tmp/nfs.keytab #( echo rkt /tmp/nfs.keytab; echo wkt /etc/krb5.keytab) |ktutil #service rpcgssd start #/etc/init.d/rpcbind restart #/etc/init.d/rpcidmapd restart #authconfig --update --enablesssd --enablesssdauth --enablemkhomedir #/etc/init.d/sshd restart #vim /etc/sssd/sssd.conf ... [domain/EXAMPLE.COM http://EXAMPLE.COM] ... krb5_renewable_lifetime = 50d krb5_renew_interavl = 3600 #/etc/init.d/sssd restart Testing [root@server2 ~]# ssh cboyle@desktop2 cboyle@desktop2's password: Last login: Tue Mar 17 21:13:49 2015 from server2.example.com http://server2.example.com -sh-4.1$ And nothing!! (what happened) What I need to do it? Thanks **Verificacion de certificado https://www.redhat.com/wapps/training/certification/verify.html?certNumber=130-191-612isSearch=Falseverify=Verify Click to verify ** *Ing. José Luis Mantilla G. *Red Hat Certified Instructor / Examiner RHEL***6, 7 *RHCE - RHCV - RHCI - RHCX - RHCSA* *Developer PHP, Member TeamQA Centos* *Cell phone: (1)
