[Samba] unable to Kerberos NFS mount after machine off overnight
L.P.H. van Belle
belle at bazuin.nl
Thu Jul 22 06:41:02 UTC 2021
Ok, now, this needs bit more info..
OS is handy to know for us.
- many Linux clients Samba 4.13.10
- Samba 4.13.10 AD server, and mounting using Kerberos from multiple NFS servers
Or is it
- many Linux clients Samba 4.13.10 and mounting using Kerberos from multiple NFS servers
- Samba 4.13.10 AD server,
( i would expect the last )
If a machine stays on all the time? A machine ? Client ? AD ? Both?
How do you mount? What did you set?
And a smb.conf would be nice.
Im using nfs4 also here, on debian 10 with systemd
Smb.conf had this
# How you can use kerberos (man smb.conf search : kerberos method )
kerberos method = secrets and keytab
dedicated keytab file = /etc/krb5.keytab
# Renew the kerberos ticket or you member its computer password will expire.
winbind refresh tickets = yes
And the nfs/host.fqdn is set (and in ad + /etc/krb5.keytab )
Tell me more and we can find out whats going on here.
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Jason Keltz via samba
> Verzonden: woensdag 21 juli 2021 19:16
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] unable to Kerberos NFS mount after machine
> off overnight
> I have many Linux clients running winbind from Samba 4.13.10
> joined to
> our Samba 4.13.10 AD server, and mounting using Kerberos from
> NFS servers. If a machine stays on all the time, everything works
> fine. If the machine is rebooted, everything also works as
> On the other hand, if the machine is turned off, say overnight, then
> when it is turned back on in the morning, the machine gets a
> denied" for all NFS mounts. I believe the machine is still joined to
> the domain. For example, I can successfully "getent passwd
> <user>". I
> can "kinit <user>". Everything works fine but NFS! If I re-join the
> domain, then I can mount NFS shares from this machine right
> away without
> even a reboot. I imagine there's some kind of "check in"
> timeout that
> is being exceeded. If so, how often does this happen, and
> can I make it
> happen less frequently?
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba