LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

June 2015

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS June 2015

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: nfsv4 and rpcidmapd
From:	"Eve V. E. Kovacs" <[log in to unmask]>
Reply To:	Eve V. E. Kovacs
Date:	Tue, 30 Jun 2015 15:39:17 -0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (65 lines)

Yes, kereberos is used for password authentication; account 
information is supplied by our ldap server. Passwords are not served via 
ldap.
Eve

On Tue, 30 Jun 2015, Orion Poplawski wrote:

> Date: Tue, 30 Jun 2015 15:30:41 -0500
> From: Orion Poplawski <[log in to unmask]>
> To: Eve V. E. Kovacs <[log in to unmask]>, [log in to unmask]
> Subject: Re: nfsv4 and rpcidmapd
> 
> On 06/30/2015 01:46 PM, Eve V. E. Kovacs wrote:
>> We have an SL6 nfsv4 file server and a number of SL6 clients.
>> We were careful to configure idmapd.conf on both the clients and the server to
>> have the same domain name as follows:
>>
>> # The following should be set to the local NFSv4 domain name
>> # The default is the host's DNS domain name.
>> #Domain = local.domain.edu
>> Domain = localdomain
>>
>> All of this worked until recently.
>>
>> Now, when I try to change the ownership of my file 'test' on one of the
>> clients, I get an error:
>> chown: changing ownership of test : Invalid argument
>>
>> On the server, I see errors in the log file:
>>  rpc.idmapd[6092]: nss_getpwnam: name [log in to unmask] does not map into
>> domain 'localdomain'
>>
>> This problem has various solutions posted on the internet. Some solutions
>> claim that all that is required is to have the same domain name on the client
>> and server. We already have this, but still have a problem. Another solution
>> suggests changing the local NFSv4 domain name to match the DNS domain name
>> (which looks promising, given the error message above).
>>
>> Has anyone else had this problem and/or know the fix?
>
> I would definitely recommend using the real domain name, but it does seem like
> the client is sending the "hep.anl.gov" domain name rather than "localdomain",
> and I'm not sure why that would be if it is configured as you described.
> Either way *should* work.  Is kerberos involved at all?
>
>
> -- 
> Orion Poplawski
> Technical Manager                     303-415-9701 x222
> NWRA, Boulder/CoRA Office             FAX: 303-415-9702
> 3380 Mitchell Lane                       [log in to unmask]
> Boulder, CO 80301                   http://www.nwra.com
>

***************************************************************
Eve Kovacs
Argonne National Laboratory,
Room L-177, Bldg. 360, HEP
9700 S. Cass Ave.
Argonne, IL 60439 USA
Phone: (630)-252-6208
Fax:   (630)-252-5047
email: [log in to unmask]
***************************************************************

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV