[Freeipa-users] IPA users central Home Directories

Prasun Gera prasun.gera at gmail.com
Wed Mar 30 07:07:12 UTC 2016 

NFS and ipa are sort of orthogonal unless you mix nfsv4 with kerberos. If
you aren't using kerberos, and don't need kerberos, then the nfs home setup
is pretty straightforward. ipa just controls authentication. If you have a
simple enough environment, you can just add your nfs mounts in the fstab of
clients. If you have something more complex, you can use autofs too, but
that will involve using sssd as the automount provider. There is an ipa
automount setup command which does that configuration. All of this should
also work with nfsv4 and kerberos too, but that just adds another variable
to the mix for debugging.

HA for home directories: There are a lot of file systems with different
properties. That is again pretty orthogonal to ipa.

On Tue, Mar 29, 2016 at 3:07 AM, Shahzad Malik <
Shahzad.Malik at m5networks.com.au> wrote:

> Hi
>
>
> I have recently configured IPA master and replica server. I am trying to
> configure IPA users central home directories which means when a user
> authenticate through IPA on any client, will have same home directory. To
> achieve this goal, I have configured a NFS server, joined and configured
> nfs with IPA.
>
> I have Rhel 7 and CentOS  7 clients. Rhel clients are working as expected,
> when IPA users are authenticated on Rhel clients they can get home
> directory from nfs server. df -h shows any entry of nfs user home directory
> mounted.
>
> When a client is Centos 7, users are able to authenticated from IPA and
> can login but can't get home directory from NFS server. I can manually
> mount a dir with nfs server which verifies communication is working between
> centos client and nfs.
>
> All neccesary ports are open and centos configurations are pretty much
> same as Rhel clients. I even disabled selinux, but no luck. Has anyone
> experienced same issue?
>
> Another question: At the moment, there is single nfs serve which is single
> point of failure, what best method I can use for HA of user home
> directories?
>
> Many Thanks
>
>
> Regards,
>
>
> Shez
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160330/133dc3e5/attachment.htm>

More information about the Freeipa-users mailing list