[Samba] NFS4 with samba4 AD for authentication
steve at steve-ss.com
Wed Sep 24 00:05:21 MDT 2014
On 23/09/14 23:36, Lars Hanke wrote:
>>> I'm pretty confused, which principals I'd need and how to create them in
>>> the samba AD.
>> The file server needs the nfs/ principal
>> The client needs any one of nfs/ host/ root/ or simply the MACHINE$ key
> Okay, that seemed to have got me a step forward. I created
> nfs/nfs4.fqdn, removed all enctypes except des-cbc-crc and added it to
> /etc/krb5.keytab of the server.
Our DC (4.1.6) uses arcfour-hmac-md5. It doesn't work with the weak
enctypes unless you tell krb5.conf. Do you have an old version of nfs
that does not recognise the strong keys?
Get DNS setup properly, put the proper keys back in the keytab and try
More information about the samba