Samba4: The mit list insist that file server and DC must be one and the same
steve
steve at steve-ss.com
Wed Aug 15 11:16:59 MDT 2012
Hi everyone
I have setup a separate S3 file server for our S4 DC. The problem is
that creating home directoreis for users on an NFS mounted /home share
will not allow root access via krb5 with or without no_root_squash.
The krb5 gurus say that it can't be done via krb5. I have to use
no_root_squash and sec=sys
Here is a copy of what seems to be an impossible scenario of having
Kerberised NFS on a separate box to the DC:
Hi Steve,
no, thats becouse u need a ticket to get into the user directory.
even if u make an su - <username> as root, u wont get into his
homedirectory without the right user ticket - that what it is designded
for, to
protect the userdirectories.
So only solution is to move the Samba Server to the same file server as
the NFS server is.
greetings
Am 15.08.12 17:10, schrieb steve:
> Hi
> openSUSE 12.1
>
> Our Samba4 DC has a Kerberised NFS mounted share. I need the root user
> to be able to write to the share. I can do this with by mounting it with:
> no_root_squash,sec=sys
>
> Is there any way I can do it with:
> sec=krb5
>
> root has a ticket in /tmp/krb5cc_0 but he always gets permission denied
> when the share is mounted krb5, even with the no_root_squash
>
> Cheers,
> Steve
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
More information about the samba-technical
mailing list