[Samba] Again NFSv4 and Kerberos at the 'samba way'...
L.P.H. van Belle
belle at bazuin.nl
Wed Oct 31 11:21:15 UTC 2018
Marco,
New idea..
For the server part: man rpc.svcgssd
Option : -n
Use the system default credentials (host/FQDN at REALM) rather than the default nfs/FQDN at REALM.
And the host spn is correct everywhere as far i've seen.
Add in /etc/default/nfs-kernel-server
RPCSVCGSSDOPTS=" -n"
Client Part.
In conjuction with see: man rpc.gssd
rpc.gssd searches in the following order for a principal to use.
The first matching credential is used.
For the search, <hostname> and <REALM> are replaced with the local system's hostname and Kerberos realm.
<HOSTNAME>$@<REALM>
root/<hostname>@<REALM>
nfs/<hostname>@<REALM>
host/<hostname>@<REALM>
root/<anyname>@<REALM>
nfs/<anyname>@<REALM>
host/<anyname>@<REALM>
So this should work also.
Im testing this after my lunch.
Greetz,
Louis
More information about the samba
mailing list