Having some kerberos problem

Viswanath Thangamuthu vithanga at in.ibm.com
Wed Aug 9 08:30:20 EDT 2006

I am getting some errors related with kerberos such that  after su to some
KRB5LDAP users I am creating files and then setting acls to that  files
but the files are creating  with "nobody nobody" in the user and group
field instead of creating with actual user and group name.And then I am
trying to set acls using aclput command and it is failing with the
following errors aclput:operation not permitted.

NOTE:  I am executing testcase through the client machine which is having
kerberos client  and LDAP client setup.And also it is a NFS client.

More details
The domain and realm are same on both server and client .Here is the

On Server
realm4.austin.ibm.com nfsdom4.austin.ibm.com

On Client
realm4.austin.ibm.com nfsdom04.austin.ibm.com

Earlier It was realm4.austin.ibm.com  nfsdom3.austin.ibm.com.later I
changed the domain to nfsdom4 (for debugging)  stopped the nfsrgyd daemon
and started it again.Then tried su to user created files got the same
"nobody nobody" in the user and group field.

On client t I mounted filesystem with the following options

 mount -o sec=krb5,acl,vers=4 serverf:/nfstest/nfs_usr_grp /mnt  === NFSv4

Server = LDAP server , kerberos server with LDAP as back-end ,LDAP client
and kerberos client with LDAP as back-end , NFS server as well.
Client = LDAP client ,kerberos client with LDAP as back-end and NFS client
as well.

Pls suggest on this .Thanks in advance.

Thanks & Regards,
Viswanath Thangamuthu,
AIX UPT Team,IBM India Software Lab,
EGL 7D, Off Indiranager-Koramangla Ring Road,
Bangalore 560071.
Phone:41777507  Internal Ext: 77507

More information about the Kerberos mailing list