Hold on,
You should not have problems with >16 groups when using NFS & Krb auth, right?
Only system authentication is affected by this limitation.
Ondrej
-----Original Message-----
From: sssd-users-bounces(a)lists.fedorahosted.org
[mailto:sssd-users-bounces@lists.fedorahosted.org] On Behalf Of John Hodrien
Sent: 17 September 2015 17:38
To: End-user discussions about the System Security Services Daemon
<sssd-users(a)lists.fedorahosted.org>
Subject: Re: [SSSD-users] kerberized nfs4 with sssd id mapping
On Thu, 17 Sep 2015, Isaiah Houston wrote:
Has anyone else experienced this? I saw there was some effort at an
sssd plugin for rpcidmapd, but that doesn't seem complete yet. Is
there a viable workaround so I can get kerberized nfs mounts up?
Without use_fully_qualified_names, I've had no problems with krb5 NFSv4 and sssd.
Only thing I do to deal with >16 groups is this on the server:
/etc/sysconfig/nfs:
RPCMOUNTDOPTS="--manage-gids"
We're running rpc.idmapd on the server, but not on the client.
jh
-----
The information contained in this e-mail and in any attachments is confidential and is
designated solely for the attention of the intended recipient(s). If you are not an
intended recipient, you must not use, disclose, copy, distribute or retain this e-mail or
any part thereof. If you have received this e-mail in error, please notify the sender by
return e-mail and delete all copies of this e-mail from your computer system(s). Please
direct any additional queries to: communications(a)s3group.com. Thank You. Silicon and
Software Systems Limited (S3 Group). Registered in Ireland no. 378073. Registered Office:
South County Business Park, Leopardstown, Dublin 18.