[Samba] kerberos nfs4's principals and root access

Rowland Penny rpenny at samba.org
Tue Aug 2 06:47:41 UTC 2016

On Tue, 2 Aug 2016 08:21:30 +0200
Bruno Macadré <bruno.macadre at univ-rouen.fr> wrote:

> Thanks for your answer,
> I already use Winbind AD backend with RFC2307. The only difference is 
> when i use 'getent passwd' logins are never prefixed by domainname....
> So, if I understand well your solution, I must :
> 1. Add unix attributes to my Administrator user (it's mandatory to
> show the account with getent)

No, you should never add RFC2307 attributes to Administrator, it will
break the mapping on a DC and you need this.

> 2. Adding 'username map' option in the member smb.conf
> 3. Creating mapping file like you said

> And after, when I want to access my kerberized NFS share, I just need
> to 'kinit Administrator' before ?

Why do you need to do this ??


More information about the samba mailing list