<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 03/28/2015 12:22 PM, Jose Luis
Mantilla wrote:<br>
</div>
<blockquote
cite="mid:CALOHa1OnwyZjvE7s2qUx6ZCan1MGCOrn-B3zsjrhGBAhi34aOA@mail.gmail.com"
type="cite">
<div dir="ltr">Adding below mail:<br>
<br>
[root@server2 home]# ssh jmantilla@desktop2<br>
jmantilla@desktop2's password:<br>
Creating home directory for jmantilla.<br>
Last login: Sat Mar 28 11:05:48 2015 from <a
moz-do-not-send="true" href="http://server2.example.com">server2.example.com</a><br>
Could not chdir to home directory /home/remoteusers/jmantilla:
No such file or directory<br>
-sh-4.1$ pwd<br>
/<br>
<div>
<div class="gmail_extra"><br>
[root@server2 home]# getent passwd jmantilla<br>
jmantilla:*:6001:6001:Jose
Mantilla:/home/remoteusers/jmantilla:/bin/sh<br>
<br>
</div>
<div class="gmail_extra">Service nfs is running<br>
</div>
<div class="gmail_extra">Service autofs is stopped<br>
</div>
<div class="gmail_extra"><br>
</div>
<div dir="ltr">What can I do?<br>
</div>
</div>
</div>
</blockquote>
<br>
<br>
Why are you trying to do it manually?<br>
Steps:<br>
Install the server.<br>
Configure your NFS server. Do you plan to use Kerberos
authentication for automount? If so then you need to issue keytab
for the NFS principal for NFS server. NFS principal/keytab is not
not needed on the client, client uses host keytab.<br>
So on the client install the client using ipa-client-install, then
you can configure automount on it.<br>
<br>
Freeipa.org is down at the moment but when it is back i nthe morning
please check HOWTOs there, I recall there wore instructions about
NFS.<br>
<br>
<blockquote
cite="mid:CALOHa1OnwyZjvE7s2qUx6ZCan1MGCOrn-B3zsjrhGBAhi34aOA@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<table border="0" cellpadding="0" cellspacing="0"
height="104" width="429">
<tbody>
<tr style="height:52.55pt">
<td style="width:62.1pt;padding:0cm
5.4pt;height:52.55pt" valign="top" width="83">
<p><b><span></span><span></span></b><a
moz-do-not-send="true"
href="https://www.redhat.com/wapps/training/certification/verify.html?certNumber=130-191-612&isSearch=False&verify=Verify"
target="_blank"><img moz-do-not-send="true"
alt="Verificacion de certificado"
src="https://encrypted-tbn2.gstatic.com/images?q=tbn:ANd9GcRoBMetKRy0iaqFZl3D2V-c-NbGDIC4Tw-JYW4qO8h8-mJj-Hk7"
height="96" width="59"></a><br>
<font size="1">Click to verify</font><br>
<span style="font-size:8pt;color:rgb(31,73,125)"
lang="ES"></span></p>
</td>
<td style="width:311.25pt;padding:0cm
5.4pt;height:52.55pt" valign="top" width="415">
<p><b><span
style="font-size:8pt;font-family:"Verdana","sans-serif";color:rgb(66,119,48)"
lang="ES-TRAD"><span
style="color:rgb(0,0,0)"></span></span></b></p>
<p><b><span
style="font-size:8pt;font-family:"Verdana","sans-serif";color:rgb(66,119,48)"
lang="ES-TRAD"><span
style="color:rgb(0,0,0)">Ing. José Luis
Mantilla G.</span><br>
</span></b><span
style="color:rgb(102,102,102)"><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD">Red Hat Certified Instructor
/ Examiner RHEL<b> </b></span><b><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD">6, 7<br>
</span></b><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD">RHCE - RHCV - RHCI - RHCX -
RHCSA</span><b><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD"><br>
</span></b><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD">Developer PHP, Member TeamQA
Centos</span><b><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD"><br>
</span></b></span><span
style="color:rgb(102,102,102)"><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD">Cell phone: (1) 832-908-6210 </span></span><span
dir="ltr"></span> <br>
<span style="color:rgb(102,102,102)"><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD">Public GPG Key = </span></span><a
moz-do-not-send="true"
href="http://pool.sks-keyservers.net/pks/lookup?op=get&search=0x94DA057CFC3B3963"
target="_blank">FC3B3963</a> <span
style="color:rgb(102,102,102)"><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD"><br>
</span></span><span><span
style="color:rgb(102,102,102)"><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD">United States - Houston
Texas -2015</span></span></span> <br>
</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="gmail_extra">
<div>
<div class="gmail_signature">
<div dir="ltr">
<div>
<div dir="ltr">
<div></div>
</div>
</div>
</div>
</div>
</div>
<br>
<div class="gmail_quote">On Sat, Mar 28, 2015 at 10:19 AM,
Jose Luis Mantilla <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:joseluismantilla@gmail.com"
target="_blank">joseluismantilla@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div dir="ltr">Can someone help me please?<br>
<br>
I would like that anyone write the steps only with 2
machines (server ipa with nfs, and ipa client), I
executed the guide but isn't make it, I think that
need some steps!!.<br>
<br>
There are 2 machines, <a moz-do-not-send="true"
href="http://server2.example.com" target="_blank">server2.example.com</a>
(with ipa server and NFS) and <a
moz-do-not-send="true"
href="http://desktop2.example.com" target="_blank">desktop2.example.com</a>
(only with ipa-client)<br>
<br>
My steps:<br>
Server<br>
After install ipa-server.<br>
1) Add service with web UI<br>
2) Add automount location with<br>
Location=test<br>
key=/jmantilla
description=-ro,soft,server2.example.com:/home/remoteusers/jmantilla<br>
<br>
User=jmantilla<br>
Home directory=/home/remoteusers/jmantilla<br>
<br>
Configuring automount on server system<br>
--Auto.master<br>
/home/remoteusers /etc/auto.ipa<br>
--auto.ipa<br>
jmantilla -rw
server2.example.com:/home/remoteusers/jmantilla<br>
<br>
After<br>
#kinit admin<br>
I don't need to run:<br>
#ipa-getkeytab -s <a moz-do-not-send="true"
href="http://server2.example.com" target="_blank">server2.example.com</a>
-p nfs/<a moz-do-not-send="true"
href="http://server2.example.com" target="_blank">server2.example.com</a>
-k /etc/krb5.keytab<br>
#ipa-getkeytab -s <a moz-do-not-send="true"
href="http://server2.example.com" target="_blank">server2.example.com</a>
-p nfs/<a moz-do-not-send="true"
href="http://server2.example.com" target="_blank">server2.example.com</a>
-k /root/nfs-client.keytab<br>
#( echo rkt /root/nfs-client.keytab; echo wkt
/etc/krb5.keytab) |ktutil<br>
My server and client and in an IPA domain, the keytabs
should only be generated to /etc/krb5.keytab on the
IPA server. (Ipa domain)<br>
<br>
Verifying<br>
[root@server2 ~]# ipa service-show nfs/<a
moz-do-not-send="true"
href="http://server2.example.com" target="_blank">server2.example.com</a><br>
Principal: nfs/<a moz-do-not-send="true"
href="mailto:server2.example.com@EXAMPLE.COM"
target="_blank">server2.example.com@EXAMPLE.COM</a><br>
Keytab: True<br>
Managed by: <a moz-do-not-send="true"
href="http://server2.example.com" target="_blank">server2.example.com</a><br>
<br>
Client<br>
#kinit admin<br>
#ipa-client-automount --location=test<br>
#ipa-getkeytab -s <a moz-do-not-send="true"
href="http://server2.example.com" target="_blank">server2.example.com</a>
-p nfs/<a moz-do-not-send="true"
href="http://server2.example.com" target="_blank">server2.example.com</a>
-k /etc/krb5.keytab<br>
#ipa-getkeytab -s <a moz-do-not-send="true"
href="http://server2.example.com" target="_blank">server2.example.com</a>
-p nfs/<a moz-do-not-send="true"
href="http://server2.example.com" target="_blank">server2.example.com</a>
-k /tmp/nfs.keytab<br>
#( echo rkt /tmp/nfs.keytab; echo wkt
/etc/krb5.keytab) |ktutil<br>
#service rpcgssd start<br>
#/etc/init.d/rpcbind restart<br>
#/etc/init.d/rpcidmapd restart<br>
#authconfig --update --enablesssd --enablesssdauth
--enablemkhomedir<br>
#/etc/init.d/sshd restart<br>
#vim /etc/sssd/sssd.conf<br>
...<br>
[domain/<a moz-do-not-send="true"
href="http://EXAMPLE.COM" target="_blank">EXAMPLE.COM</a>]<br>
...<br>
krb5_renewable_lifetime = 50d<br>
krb5_renew_interavl = 3600<br>
<br>
#/etc/init.d/sssd restart<br>
<br>
Testing<br>
[root@server2 ~]# ssh cboyle@desktop2<br>
cboyle@desktop2's password:<br>
Last login: Tue Mar 17 21:13:49 2015 from <a
moz-do-not-send="true"
href="http://server2.example.com" target="_blank">server2.example.com</a><br>
-sh-4.1$ <br>
<br>
And nothing!! (what happened)<br>
What I need to do it?<br>
<br>
Thanks<br clear="all">
<div>
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr"> <br>
<div>
<table border="0" cellpadding="0"
cellspacing="0" height="104"
width="429">
<tbody>
<tr style="height:52.55pt">
<td
style="width:62.1pt;padding:0cm
5.4pt;height:52.55pt"
valign="top" width="83">
<p><b><span></span><span></span></b><a
moz-do-not-send="true"
href="https://www.redhat.com/wapps/training/certification/verify.html?certNumber=130-191-612&isSearch=False&verify=Verify"
target="_blank"><img
moz-do-not-send="true"
alt="Verificacion de
certificado"
src="https://encrypted-tbn2.gstatic.com/images?q=tbn:ANd9GcRoBMetKRy0iaqFZl3D2V-c-NbGDIC4Tw-JYW4qO8h8-mJj-Hk7"
height="96" width="59"></a><br>
<font size="1">Click to
verify</font><br>
<span
style="font-size:8pt;color:rgb(31,73,125)"
lang="ES"></span></p>
</td>
<td
style="width:311.25pt;padding:0cm
5.4pt;height:52.55pt"
valign="top" width="415">
<p><b><span
style="font-size:8pt;font-family:"Verdana","sans-serif";color:rgb(66,119,48)"
lang="ES-TRAD"><span
style="color:rgb(0,0,0)"></span></span></b></p>
<p><b><span
style="font-size:8pt;font-family:"Verdana","sans-serif";color:rgb(66,119,48)"
lang="ES-TRAD"><span
style="color:rgb(0,0,0)">Ing.
José Luis Mantilla G.</span><br>
</span></b><span
style="color:rgb(102,102,102)"><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD">Red Hat
Certified Instructor /
Examiner RHEL<b> </b></span><b><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD">6, 7<br>
</span></b><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD">RHCE -
RHCV - RHCI - RHCX -
RHCSA</span><b><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD"><br>
</span></b><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD">Developer
PHP, Member TeamQA
Centos</span><b><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD"><br>
</span></b></span><span
style="color:rgb(102,102,102)"><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD">Cell
phone: <a
moz-do-not-send="true"
href="tel:%281%29%20832-908-6210" value="+18329086210" target="_blank">(1)
832-908-6210</a> </span></span><span
dir="ltr"></span> <br>
<span
style="color:rgb(102,102,102)"><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD">Public
GPG Key = </span></span><a
moz-do-not-send="true"
href="http://pool.sks-keyservers.net/pks/lookup?op=get&search=0x94DA057CFC3B3963"
target="_blank">FC3B3963</a>
<span
style="color:rgb(102,102,102)"><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD"><br>
</span></span><span><span
style="color:rgb(102,102,102)"><span
style="font-size:8pt;font-family:"Verdana","sans-serif""
lang="ES-TRAD">United
States - Houston Texas
-2015</span></span></span>
<br>
</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
</blockquote>
<br>
<br>
<pre class="moz-signature" cols="72">--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.</pre>
</body>
</html>