-
Notifications
You must be signed in to change notification settings - Fork 3
Windows NFS
Charles Hedrick edited this page Jan 9, 2019
·
5 revisions
Mostly we followed normal instructions, but setting up UID/GID mapping was interesting.
- In ksetup, need to set the flag saying that the realm supports canonicalization. Otherwise attempts to use GSSAPI with usrname lasso$ fail. MIT Kerberos only uses aliases if the request specifies canonicalization.
- "nfsadmin mapping" lets you configure the actual mapping. It should enable AD style lookup, with a domain of krb1.cs.rutgers.edu. Eventually I'll test using cs.rutgers.edu instead.
- The IPA host entry has to add host$ as an alias: ipa host-add-principal lasso.rutgers.edu 'lasso$'