Hi, You don't say what OS you're dealing with here. Different OS's have different gssd implementations which have a bearing on the issue.
If Linux is involved, you'll get more help mailing the linux-nfs mailing list (linux-nfs.vger.kernel.org). If the server is Linux, a patch has been submitted to work around this issue. That patch isn't yet in a release. Contact me directly, or via the linux list above for more info. K.C. On Thu, Mar 26, 2009 at 2:59 AM, Chinmay P Soman <chinmay.so...@in.ibm.com> wrote: > Hi, > > I am trying to configure a NFS server with kerberos support. The catch is, > the NFS server is part of a cluster. Therefore, all the client mounts are > done using the > cluster name and not the server name. > > For eg: Let cluster name = Mycluster.domain.com , server = > server1.domain.com > > ----------------------- > > In this case, when my NFS client mounts as : > mount -o vers=3,sec=krb5 server1.domain.com:/tmp_share /mnt => This > passes > > However, > mount -o vers=3,sec=krb5 Mycluster.domain.com:/tmp_share /mnt => This > fails. > > > I am guessing the gssd daemon on the server side is creating a context for > its localhost, which is => server1.domain.com > > However, the request is meant for Mycluster.domain.com. Hence, it fails > due to the mismatch. > > > Please clarify if my reasoning is correct. If yes, also please let me know > a possible solution > > > > > Thanks and regards > > Chinmay P Soman > ctdb/panache research activities, SoNAS > IBM India Systems & Technology Lab > Ozone-2, Saswad Road, Pune. > Tel : 91-020-26901666 > ________________________________________________ > Kerberos mailing list Kerberos@mit.edu > https://mailman.mit.edu/mailman/listinfo/kerberos > ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos