[Freeipa-users] FreeIpa Server + NFSv4 Kerberos mount problem.

[Arthur Morales Sampaio]

Good morning, my name is Arthur and I am working on the integration of
FreeIPA and NFSv4 mounting for home directory sharing for authenticated
users.

This is the first time I am doing this so the problem could be simple. It's
been already a week that I have been struggling with this and I don't know
where else to ask for help. I have read pretty much everything that is to
be read online regarding Freeipa integration.

Here is my scenario:
- FreeIPA server 4.2.0 - Centos7
- FreeNAS (NFSv4 server) 10 - FreeBSD (bundled with FreeNAS)
- Client Ubuntu 16.04. Installed IPA client using ipa-client-install and
imported LDAP credentials. Kerberos login is working properly I can log
into the machines using IPA users. But can't mount NFS4 using sec=krb5
option.

I have a functional FreeIPA server with Kerberos authentication working
properly. But I can't get NFSv4 authenticated to work in freeipa-clients.

Following is the error that I am getting:



I know that this might not be enough detail for me to get help for this
problem. But the thing is that I don't know how to enable a more verbosity
functionality for this.

The desired behavior would be to create mounts for home directories of
users and enable kerberos security to mount them. Meaning that I need only
the owners to be able to mount them.

This is something that is very confusing for me. Wouldn't I be required to
somehow pass to the mount command the username or any credentials of the
kerberos user just so the NFS server would know *WHO* is trying to mount
the directory?

I really exhausted my resources in trying to fix this issue.

Does FreeIPA work with NFSv4?

I sincerely appreciate your help on this one.

Best regards,
Arthur
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20161009/7e1f9e7b/attachment.htm>