samba AD, keberos, NFS - not working

VigneshDhanraj G vigneshdhanraj.g at
Thu Dec 20 14:38:52 UTC 2018


Upgraded the samba from 4.7.7 to 4.9.3 in debian. Trying to get Samba AD
4.9.3 as a Kerberos source for nfs4.
Until 4.7.7 able to mount the nfs4 over krb5 security. After upgrade unable
to mount it.
Suggest me is there any configure change in 4.9.3. Please look the
following configuration.

[Global] available= yes restrict anonymous= 0 Workgroup= SAM netbios name=
x2 realm= SAM.COM password server=, * idmap backend= tdb idmap
uid= 5000-9999999 idmap gid= 5000-9999999 idmap config SAM  : backend= rid
idmap config SAM  : range= 10000000-19999999 security= ADS name resolve
order= wins host bcast lmhosts client use spnego= yes dns proxy= no winbind
use default domain= no winbind nested groups= yes inherit acls= yes winbind
enum users= yes winbind enum groups= yes winbind separator= \\ winbind
cache time= 300 winbind offline logon= true template shell= /bin/sh
kerberos method= secrets and keytab map to guest= Bad User host msdfs= yes
strict allocate= no encrypt passwords= yes printcap name= lpstat printable=
no load printers= yes max smbd processes= 500 getwd cache= yes use
sendfile= yes winbind sequence directory= /tmp/samba log level= 0 max log
size= 50 unix extensions= no dos charset= ascii state directory=
/mnt/system/samba/system cache directory= /tmp/samba/ ntlm auth= Yes
winbind expand groups= 1 idmap config * : backend= tdb idmap config * :
range= 3000-7999

console output:

*mount.nfs4: access denied by server while mounting*


More information about the samba-technical mailing list