Arthur Morales Sampaio
Cadet
- Joined
- Oct 8, 2016
- Messages
- 8
I am having an extremely hard time in getting NFSv4 kerberized mount to work with FreeIPA.
This is what I have done so far:
FreeIPA 4.2.0
FreeNAS 9.10
I have followed this guide http://wiki.linux-nfs.org/wiki/index.php/NFS_and_FreeIPA
To try and implement the behavior of mounting the user's home directories into NFS within FreeNAS.
Here's the mount point configuration:
Then the NFS configuration within FreeNAS:
I have generated a keytab file by running the ipa-getkeytab command in the FreeIPA server including the following commands:
ipa-getkeytab -s ipa.xm.local -p host/ipa.xm.local -k /etc/krb5.keytab
ipa-getkeytab -s nas.xm.local -p host/nas.xm.local -k /etc/krb5.keytab
ipa-getkeytab -s nas.xm.local -p nfs/nas.xm.local -k /etc/krb5.keytab
And I copied this keytab file to my local computer and uploaded it to FreeNAS using the following screen:
Then when I go to the client which is running Ubuntu (14.04) - Note that I can log in on this client machine using Kerberos credentials from FreeIPA. So I am guessing that our FreeIPA Server setup is working fine.
This is what the mount command provides:
I've checked log files /var/log/syslog and /var/log/kern.log and there are no messages at all at the moment of the mount. Neither FreeNAS logs anything in the console. I am stuck here.
Has anyone ever used FreeNAS NFSv4 mounts for /home directory mounting against a Kerberos server such as FreeIPA? If this is not supported is there any other option for me to mount secure home user directories?
This is what I have done so far:
FreeIPA 4.2.0
FreeNAS 9.10
I have followed this guide http://wiki.linux-nfs.org/wiki/index.php/NFS_and_FreeIPA
To try and implement the behavior of mounting the user's home directories into NFS within FreeNAS.
Here's the mount point configuration:
Then the NFS configuration within FreeNAS:
I have generated a keytab file by running the ipa-getkeytab command in the FreeIPA server including the following commands:
ipa-getkeytab -s ipa.xm.local -p host/ipa.xm.local -k /etc/krb5.keytab
ipa-getkeytab -s nas.xm.local -p host/nas.xm.local -k /etc/krb5.keytab
ipa-getkeytab -s nas.xm.local -p nfs/nas.xm.local -k /etc/krb5.keytab
And I copied this keytab file to my local computer and uploaded it to FreeNAS using the following screen:
Then when I go to the client which is running Ubuntu (14.04) - Note that I can log in on this client machine using Kerberos credentials from FreeIPA. So I am guessing that our FreeIPA Server setup is working fine.
This is what the mount command provides:
I've checked log files /var/log/syslog and /var/log/kern.log and there are no messages at all at the moment of the mount. Neither FreeNAS logs anything in the console. I am stuck here.
Has anyone ever used FreeNAS NFSv4 mounts for /home directory mounting against a Kerberos server such as FreeIPA? If this is not supported is there any other option for me to mount secure home user directories?