[EMAIL PROTECTED] (Alok Gore) wrote in message news:<[EMAIL PROTECTED]>... > I took the snoop traces and saw that the client was indeed asking for > wrong ticket during mount.(Because of some goof up in the /etc/hosts )
This tell me you don't have resolv.conf set up to use DNS on the NFS clients. > > I corrected that and now I am able to see the nfs service ticket after > I mount the remote path on the client machine. > > Now Server has the ticket for nfs service in the keytab file and the > client has obtained the nfs service ticket during mount operation. > > > I am not able to cd to the mounted path even now ! > > I analysed the traces between the NFS client and the NFS Server. After > getting the nfs service ticket, the Client should try to establish > Context by making an RPC null proc call in RPCSEC_GSS authentication > flavour. This is not happening. > Looks like the client has decided locally abt the insufficient rights > (??). > > > >>- make des-cbc-crc the default encryption type for both client and > server > >> (in krb5.conf) > > I tried doing this. Same result. > > But I am not sure abt one thing: > The RPCSEC_GSS implentation defines 390003 as the krb5 security > flavour and this uses *DEC,MAC,MD5* triplet as the algorithm for > authentication,integrity and privacy. > > But the des-cbc-md5 mode is not supported by the KDC(MIT KDC running > on Linux machine) could this be a reason for the failure ? That's hard to believe. > > Will moving to a Solaris KDC help ? I honestly don't understand why you are having problems. Hands on access to your systems will be necessary. Consider hiring a consultant to help you get going. ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
