Quantcast
Channel: File Services and Storage Forum
Viewing all articles
Browse latest Browse all 1766

Setup question: NFSv4.1 (W2012) AD-Integrated Kerberos authenticated shares for AD-joined RHEL 6.3 clients

$
0
0

Hello Folks!

(Go easy on me, I'm new here and I'm a Linux SysAdmin who's not the greatest at managing Windows Server 2012 yet...)

TL,DNR:  Has anyone documented (in detail) the process for setting up NFSv4.1 shares on a Windows Server 2012 host which serves to AD-joined RHEL 6.3+ Linux clients via AD-originated tickets?

We currently have Windows Server 2008r2 AD, a single Windows Server2012 file services host set up (somewhat) for NFS, and a bunch of RHEL 6.3 servers that would like to mount the shares on the 2012 box.  All of the RHEL 6.3 servers are joined to the Domain and show up in ADUC.  Further, I can use kinit to obtain Kerberos tickets against our AD for various usernames that were created in AD.  What I can't sort out is how to get the ID mapping set up in the Server 2012 host, to use Active Directory and allow a user with an AD Kerberos ticket on a client Linux box to access their NFS share that has NTFS perms set up for them to have full control over.

I think I'm really just missing some of the Server 2012 side setup steps to complete mapping. 

Ideally we'd like to enforce krb5p, unless it turns out to be too slow.  For now I'd be thrilled just to be able to get any krb5 enforcement working for valid AD users with current AD tickets.

Thanks in advance!


Viewing all articles
Browse latest Browse all 1766

Trending Articles