... | ... | @@ -475,7 +475,7 @@ Password for ifsuser1@BLUE.CAM.AC.UK: |
|
|
Before mounting the share, please set the attribute **msDS-SupportedEncryptionTypes** of the NFS Service SPN to **0x18**. Or contact us to do so.
|
|
|
|
|
|
```bash
|
|
|
mount -o sec=krb5 ifs-dev-4-nfs.ifs.uis.private.cam.ac.uk:/ifs_dev_4_vol/ifs_dev_4_vol_44 /mnt/nfs4/
|
|
|
mount -o sec=krb5,vers=4 ifs-dev-4-nfs.ifs.uis.private.cam.ac.uk:/ifs_dev_4_vol/ifs_dev_4_vol_44 /mnt/nfs4/
|
|
|
```
|
|
|
|
|
|
The share is now mounted:
|
... | ... | @@ -497,7 +497,7 @@ drwxr-xr-x 7 root root 4096 Feb 17 12:16 ../ |
|
|
|
|
|
#### Mounting the share using Kerberos machine's credentials
|
|
|
|
|
|
You need to join your machine to the Kerberos Realm. Run the realm join command and specify the Organisational Unit (OU) in which the machine account will be created and the user account that has privileges to do that.
|
|
|
You need to join your machine to the Kerberos Realm. Run the realm join command and specify the Organisational Unit (OU) in which the machine account will be created and the user account that has privileges to do that. Please make sure `rpc.gssd` is stopped.
|
|
|
|
|
|
```bash
|
|
|
realm join --computer-ou OU=IFS-Test,OU=Servers,OU=uis,OU=Inst,DC=blue,DC=cam,DC=ac,DC=uk -U uis-ifs-service-test blue.cam.ac.uk --membership-software=adcli -v
|
... | ... | @@ -531,7 +531,7 @@ CGroup: /system.slice/sssd.service |
|
|
The mount command now uses the credentials in krb5.keytab file.
|
|
|
|
|
|
```bash
|
|
|
mount -o sec=krb5 ifs-dev-4-nfs.ifs.uis.private.cam.ac.uk:/ifs_dev_4_vol/ifs_dev_4_vol_44 /mnt/nfs4/
|
|
|
mount -o sec=krb5,vers=4 ifs-dev-4-nfs.ifs.uis.private.cam.ac.uk:/ifs_dev_4_vol/ifs_dev_4_vol_44 /mnt/nfs4/
|
|
|
```
|
|
|
|
|
|
### Configure LDAP Client
|
... | ... | |