How to set up NFS client for Kerberized access in Solaris
Wyllys Ingersoll
wyllys.ingersoll at sun.com
Thu May 6 15:13:41 EDT 2004
Alok Gore wrote:
>
>
>Yes! In fact, that was the first source of my information.
>I have done everthing including the set-up of gsscred table
>only two things are not clear to me in the doc.
>1) My KDC and the NFS Client server are not time-synchronized. But I
>have set the time manually on those machines which is almost matching.
> But if that *can* create problems like this, I will do a set-up for
>running NTP on those machines. Should I ?
>
>
As long as they are within 5 minutes of each other you should be fine.
>2) Somewhere in the SEAM configuration Doc they say: Two KDCs are must
>for SEAM to work,
>
>
I think you are misunderstanding or the doc is wrong.
You only need 1 KDC and 1 admin_server setting, its good to have 2
in a production environment "just in case", its not a requirement, though.
> Even in my kerberos set-up (during installation) I was forced to
>enter two KDC host names (I have kept both same)
> [realms]
> NFS-REALM = {
> kdc = nfstest5.blr.novell.com
> kdc = nfstest5.blr.novell.com
> admin_server = nfstest5.blr.novell.com
> }
> Does it matter ?
>
>
No.
-Wyllys
More information about the Kerberos
mailing list