Keep in mind that http://www.citi.umich.edu/projects/nfsv4/crossrealm/ is experimental. I'm interested in problems you have with ldap v2 though. So are you saying that you are now using pam_krb5 for login authentication? (What does your pam config file look like?) You should contact nfsv4 at linux-nfs.org for help with idmapd.