How to set up NFS client for Kerberized access in Solaris

Rick Macklem rmacklem at uoguelph.ca
Wed May 12 11:27:29 EDT 2004


wyllys.ingersoll at sun.com (Wyllys Ingersoll) wrote in message news:<409F6F84.3040601 at sun.com>...
[stuff snipped]
> >  - try the following command, to see if the keytab worked
> >   # kinit -k nfs/nfs-alok.blr.novell.com
> >   - if this works ok
> >     - reboot the server (I don't know Solaris well enough to say if this
> >               is necessary or not:-)
> >  
> >
> 
> Definitely NOT necessary.  If it doesn't work, check the KDC logfiles
> to see if the correct tickets are being requested and created when the 
> nfs share
> is being accessed.  Check system logs to see if the kernel is reporting any
> errors from the NFS modules.
> 
Oops, the above was poorly worded. I meant to say that you can use the
"kinit -k" command to check that the keytab works. I didn't mean to imply
that it was necessary to do this to make the NFS mount work. (And I am not
surprised that a Solaris reboot isn't necessary.)

Along with looking at the logs, you could also run "snoop" to see what's
going across the wire during the mount and ls, to try and diagnose any problems.

# snoop -r rpc nfs
would give you the NFS RPCs (at least I think I got the snoop command right?)

Good luck with it, rick


More information about the Kerberos mailing list