[Freeipa-users] Steps for automount

Dmitri Pal dpal at redhat.com
Mon Mar 30 01:55:20 UTC 2015 

On 03/28/2015 12:22 PM, Jose Luis Mantilla wrote:
> Adding below mail:
>
> [root at server2 home]# ssh jmantilla at desktop2
> jmantilla at desktop2's password:
> Creating home directory for jmantilla.
> Last login: Sat Mar 28 11:05:48 2015 from server2.example.com 
> <http://server2.example.com>
> Could not chdir to home directory /home/remoteusers/jmantilla: No such 
> file or directory
> -sh-4.1$ pwd
> /
>
> [root at server2 home]# getent passwd jmantilla
> jmantilla:*:6001:6001:Jose Mantilla:/home/remoteusers/jmantilla:/bin/sh
>
> Service nfs is running
> Service autofs is stopped
>
> What can I do?


Why are you trying to do it manually?
Steps:
Install the server.
Configure your NFS server. Do you plan to use Kerberos authentication 
for automount? If so then you need to issue keytab for the NFS principal 
for NFS server. NFS principal/keytab is not not needed on the client, 
client uses host keytab.
So on the client install the client using ipa-client-install, then you 
can configure automount on it.

Freeipa.org is down at the moment but when it is back i nthe morning 
please check HOWTOs there, I recall there wore instructions about NFS.

> **Verificacion de certificado 
> <https://www.redhat.com/wapps/training/certification/verify.html?certNumber=130-191-612&isSearch=False&verify=Verify>
> Click to verify
>
> 	
>
> **
>
> *Ing. José Luis Mantilla G.
> *Red Hat Certified Instructor / Examiner RHEL***6, 7
> *RHCE - RHCV - RHCI - RHCX - RHCSA*
> *Developer PHP, Member TeamQA Centos*
> *Cell phone: (1) 832-908-6210
> Public GPG Key = FC3B3963 
> <http://pool.sks-keyservers.net/pks/lookup?op=get&search=0x94DA057CFC3B3963> 
>
> United States - Houston Texas -2015
>
>
> On Sat, Mar 28, 2015 at 10:19 AM, Jose Luis Mantilla 
> <joseluismantilla at gmail.com <mailto:joseluismantilla at gmail.com>> wrote:
>
>     Can someone help me please?
>
>     I would like that anyone write the steps only with 2 machines
>     (server ipa with nfs, and ipa client), I executed the guide but
>     isn't make it, I think that need some steps!!.
>
>     There are 2 machines, server2.example.com
>     <http://server2.example.com> (with ipa server and NFS) and
>     desktop2.example.com <http://desktop2.example.com> (only with
>     ipa-client)
>
>     My steps:
>     Server
>     After install ipa-server.
>     1) Add service with web UI
>     2) Add automount location with
>     Location=test
>     key=/jmantilla
>     description=-ro,soft,server2.example.com:/home/remoteusers/jmantilla
>
>     User=jmantilla
>     Home directory=/home/remoteusers/jmantilla
>
>     Configuring automount on server system
>     --Auto.master
>     /home/remoteusers       /etc/auto.ipa
>     --auto.ipa
>     jmantilla -rw server2.example.com:/home/remoteusers/jmantilla
>
>     After
>     #kinit admin
>     I don't need to run:
>     #ipa-getkeytab -s server2.example.com <http://server2.example.com>
>     -p nfs/server2.example.com <http://server2.example.com> -k
>     /etc/krb5.keytab
>     #ipa-getkeytab -s server2.example.com <http://server2.example.com>
>     -p nfs/server2.example.com <http://server2.example.com> -k
>     /root/nfs-client.keytab
>     #(  echo rkt /root/nfs-client.keytab; echo wkt /etc/krb5.keytab)
>     |ktutil
>     My server and client and in an IPA domain, the keytabs should only
>     be generated to /etc/krb5.keytab on the IPA server. (Ipa domain)
>
>     Verifying
>     [root at server2 ~]# ipa service-show nfs/server2.example.com
>     <http://server2.example.com>
>       Principal: nfs/server2.example.com at EXAMPLE.COM
>     <mailto:server2.example.com at EXAMPLE.COM>
>       Keytab: True
>       Managed by: server2.example.com <http://server2.example.com>
>
>     Client
>     #kinit admin
>     #ipa-client-automount --location=test
>     #ipa-getkeytab -s server2.example.com <http://server2.example.com>
>     -p nfs/server2.example.com <http://server2.example.com> -k
>     /etc/krb5.keytab
>     #ipa-getkeytab -s server2.example.com <http://server2.example.com>
>     -p nfs/server2.example.com <http://server2.example.com> -k
>     /tmp/nfs.keytab
>     #( echo rkt /tmp/nfs.keytab; echo wkt /etc/krb5.keytab) |ktutil
>     #service rpcgssd start
>     #/etc/init.d/rpcbind restart
>     #/etc/init.d/rpcidmapd restart
>     #authconfig --update --enablesssd --enablesssdauth --enablemkhomedir
>     #/etc/init.d/sshd restart
>     #vim /etc/sssd/sssd.conf
>     ...
>     [domain/EXAMPLE.COM <http://EXAMPLE.COM>]
>     ...
>     krb5_renewable_lifetime = 50d
>     krb5_renew_interavl = 3600
>
>     #/etc/init.d/sssd restart
>
>     Testing
>     [root at server2 ~]# ssh cboyle at desktop2
>     cboyle at desktop2's password:
>     Last login: Tue Mar 17 21:13:49 2015 from server2.example.com
>     <http://server2.example.com>
>     -sh-4.1$
>
>     And nothing!! (what happened)
>     What I need to do it?
>
>     Thanks
>
>     **Verificacion de certificado
>     <https://www.redhat.com/wapps/training/certification/verify.html?certNumber=130-191-612&isSearch=False&verify=Verify>
>     Click to verify
>
>     	
>
>     **
>
>     *Ing. José Luis Mantilla G.
>     *Red Hat Certified Instructor / Examiner RHEL***6, 7
>     *RHCE - RHCV - RHCI - RHCX - RHCSA*
>     *Developer PHP, Member TeamQA Centos*
>     *Cell phone: (1) 832-908-6210 <tel:%281%29%20832-908-6210>
>     Public GPG Key = FC3B3963
>     <http://pool.sks-keyservers.net/pks/lookup?op=get&search=0x94DA057CFC3B3963>
>
>     United States - Houston Texas -2015
>
>
>
>


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150329/9aa578b5/attachment.htm>

More information about the Freeipa-users mailing list