[Freeipa-users] kerberized nfsv4 client
natxo asenjo
natxo.asenjo at gmail.com
Wed Aug 28 09:44:20 UTC 2013
hi,
probably a stupid question but why do we need to have a host spn in the
kerberos domain for the nfsv4 client to work?
I do not need a host spn principal to access a cifs share on a Windows
AD environment, I can just kinit user at AD.domain from my laptop that is
not joined to the AD domain and once I got the ticket I can use
smbclient -k or with the nautilus file manager I can browse to the
shares get the cifs tickets accessing the shares.
With kerberized nfsv4 the host needs to be joined to the ipa domain or
it will not work, and that is a shame, but there surely is a perfectly
valid reason for this that I have not found yet.
Thanks for your insights on this matter.
--
groet,
natxo
More information about the Freeipa-users
mailing list