Thank you so much for all these insightful explanations Jordan. I might consider setting up LDAP eventually, but not now.
Jordan wrote: > Is example.com your AD domain? Yes. And my NFS client is Ubuntu 8.04 with the krb5-user and krb5-config packages installed, a /etc/krb5.keytab file, and the share mounted with "mount -t nfs4 -o sec=krb5i solaris:/share /share". Non-root users on Ubuntu create their own Kerberos tickets with kinit(1) to access the NFS share. > If so, I believe this is intended to work, but I can't say that it's > been exercised as much as one might like. > > Also: if your NFSv4 domain has the same name as your AD domain, there's a > conflict of sorts. Names in that domain will be interpreted as UNIX names > (rather than as AD names) and so if they don't exist in the UNIX namespace > it's an error and they turn into "nobody". My NFSv4 domain is indeed the same; the system auto-detected it from the nameserver: $ cat /var/run/nfs4_domain example.com So are you saying I should try after "sharectl set -p nfsmapid_domain=any-other-name.com nfs" and ownership should be handled correctly? I will try tomorrow. -- This message posted from opensolaris.org _______________________________________________ cifs-discuss mailing list cifs-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
