Hi I'm novice at this and I've been trying to solve this myself but so far my attempts have been futile. My goal is to have an OpenSolaris host in a heterogeneous environment as a storage node, exposing both CIFS and NFS services with Active Directory interoperability where Windows Clients connect using CIFS and a few Linux hosts use NFSv4 with Kerberos (for security and authentication).
As of now, I have a testing environment up and running with one Windows server (2008 R2) configured to be an Active Directory server (with DNS and Kerberos). I've successfully joined two OpenSolaris snv_134 hosts to the domain (using smbadm) and then configured Kerberos on them (basically setting up /etc/krb5/krb5.conf) and everything seems sweet and dandy, except that I seem to have some id mapping problem. Both machines are setup to use nss_ad (I believe it's working, "getent passwd" works successfully) but everything created on the nfs share is always owned by nfs:nobody. I've been trying to figure out where the problem lies, I get nothing I can interpret using "snoop port nfsd" and I've tried an example DTrace-snippet I found here: http://blogs.sun.com/erickustarz/entry/nfsmapid_domain but it is silent. The NFS domains are equal (checked /var/run/nfs4_domain). The share is exported using krb5:krb5i:krb5p and I can browse it and create files. Any help or pointers to get me closer to my goal is most appreciated. Thanks in advance Best regards uvehag -- This message posted from opensolaris.org _______________________________________________ nfs-discuss mailing list [email protected]
