search for: need_gssd

I was used to integrate some linux client in my samba network mounting homes with 'unix extensions = yes', and works as expected, at least with some old lubuntu derivatives. Client side i use 'pam_mount'. Now i'm working on a ubuntu mate derivative, and i've not found a way to start the session properly in CIFS. If i create a plain local home (pam_mkhome), session start as

...d -i 's/NEED_SVCGSSD=""/NEED_SVCGSSD="yes"/g' > /etc/default/nfs-kernel-server > > sed -i 's/NEED_STATD=/NEED_STATD=no/g' /etc/default/nfs-common > > sed -i 's/NEED_IDMAPD=/NEED_IDMAPD=yes/g' /etc/default/nfs-common > > sed -i 's/NEED_GSSD=/NEED_GSSD=yes/g' /etc/default/nfs-common > > > > Idmap.conf > > Add in [general] > > Domain = internal.domain.tld > > Local-Realm = YOUR.REALM > > > > kinit Administrator > > net ads keytab add nfs/hostname1.internal.domain.tld at YOUR.REALM -k &...

...md5 # Server settings for NFSv4 sed -i 's/NEED_SVCGSSD=""/NEED_SVCGSSD="yes"/g' /etc/default/nfs-kernel-server sed -i 's/NEED_STATD=/NEED_STATD=no/g' /etc/default/nfs-common sed -i 's/NEED_IDMAPD=/NEED_IDMAPD=yes/g' /etc/default/nfs-common sed -i 's/NEED_GSSD=/NEED_GSSD=yes/g' /etc/default/nfs-common Idmap.conf Add in [general] Domain = internal.domain.tld Local-Realm = YOUR.REALM kinit Administrator net ads keytab add nfs/hostname1.internal.domain.tld at YOUR.REALM -k # The NFS server. /etc/exports cointains now. /srv 192.168.0.0/2...

...NFSv4 > sed -i 's/NEED_SVCGSSD=""/NEED_SVCGSSD="yes"/g' > /etc/default/nfs-kernel-server > sed -i 's/NEED_STATD=/NEED_STATD=no/g' /etc/default/nfs-common > sed -i 's/NEED_IDMAPD=/NEED_IDMAPD=yes/g' /etc/default/nfs-common > sed -i 's/NEED_GSSD=/NEED_GSSD=yes/g' /etc/default/nfs-common > > Idmap.conf > Add in [general] > Domain = internal.domain.tld > Local-Realm = YOUR.REALM > > kinit Administrator > net ads keytab add nfs/hostname1.internal.domain.tld at YOUR.REALM -k > > # The NFS server. /etc/exp...

...ings: > sed -i 's/NEED_SVCGSSD=""/NEED_SVCGSSD="yes"/g' /etc/default/nfs-kernel-server > sed -i 's/NEED_STATD=/NEED_STATD=no/g' /etc/default/nfs-common > sed -i 's/NEED_IDMAPD=/NEED_IDMAPD=yes/g' /etc/default/nfs-common > sed -i 's/NEED_GSSD=/NEED_GSSD=yes/g' /etc/default/nfs-common Yes, correct needed for all nfs server startups Type : systemctl cat nfs* And see all nfs systemd nfs services at once. Dont forget to enable it : systemctl enable nfs-kernel-server > > Idmap.conf > Add in [general] > Domain = inter...

Is it possible that Samba4 includes a large PAC on the kerberos credential and you're going over the limit in kernel? Against AD you have to disable this PAC inclusion via the userAccountControl attribute to make kerberised NFSv4 work correctly. You /sometimes/ find that testing with a user who is a member of as close to no groups as possible works in this case, but users in many groups

Is it possible that Samba4 includes a large PAC on the kerberos credential and you're going over the limit in kernel? Against AD you have to disable this PAC inclusion via the userAccountControl attribute to make kerberised NFSv4 work correctly. You /sometimes/ find that testing with a user who is a member of as close to no groups as possible works in this case, but users in many groups

Hi, Thank you for replying. User home directory creation is working without the need to edit /etc/pam.d/common-session The logon script I mentioned here is a in-house script to handle directory mounting for file server access, and create shortcut on the account desktop for different logins. On my Linux machines, currently all is done manually by local user account creation and by adding the

...nistrator ### Server1 (NFS exports setup) # /etc/default/nfs-kernel-server NEED_SVCGSSD="yes" ### Server1 and 2 (NFS Server and client) ! only need if you setup as shown on server 1. /etc/default/nfs-common NEED_STATD="yes" STATDOPTS="no" NEED_IDMAPD="yes" NEED_GSSD="yes" ### Server 1 (NFS export setup) # create the nfs shared folder. install -o root -g root -d -m 1777 /exports/users # and load the exports. exportfs -rav systemctl restart nfs-server nfs-client ### Server1 and 2. mkdir /home/users # ( the linux homedir ) You see/noticed that...

Hi everyone, I have a samba DC, let's call it dc1.ad.example.com. I have two members of the domain - server1.ad.example.com and server2.ad.example.com.?? They are not running smbd and winbind. Instead, they are running SSSD with AD backend. I want to create an NFSv4 export on server1.ad.example.com and mount it on server2.ad.example.com (say, sec=krb5). I found some instructions online

...up:root:--- default:group:BUILTIN\134administrators:rwx default:mask::rwx default:other::--- i mounted the folder on the client server this is the mount option # NFS V4 Test servername.internal.domain.tld:/users2 /home/users2 nfs4 sec=krb5 0 0 In /etc/default/nfs-common: NEED_IDMAPD=yes NEED_GSSD=yes NEED_STATD=no /etc/idmap.conf ( on both servers ) Domain = internal.domain.tld [Mapping] Nobody-User = nobody Nobody-Group = nogroup [Translation] Method = nsswitch cat /etc/nsswitch.conf # /etc/nsswitch.conf # # Example configuration of GNU Name Service Switch functionality. # If you h...

Hai..   I need to have my home dirs shared over some of my servers. I did setup a nfs4 kerberos base Debian jessie, samba 4.1.17 and sernet samba 4.1.3 on these servers.   This works, i can mount without problems.   But because verything is created with the windows user tools, the owner/Group is root. Like this   Server:   ls -al drwxrwx---+  2 root  root 4096 Sep  4 13:17