On Sat, 2013-07-13 at 18:31 +0400, Andrey Borzenkov wrote:
В Sat, 13 Jul 2013 14:27:43 +0200 lynn
пишет: On Sat, 2013-07-13 at 14:48 +0400, Andrey Borzenkov wrote:
В Sat, 13 Jul 2013 10:06:07 +0200 lynn
пишет: On Sat, 2013-07-13 at 10:20 +0400, Andrey Borzenkov wrote:
В Wed, 03 Jul 2013 13:55:44 +0200 lynn
пишет: Hi How do I put this in /etc/fstab mount -t cifs //altea/shared /home/shared -osec=krb5,multiuser,username=cifsuser
I've tried: //altea/shared /home/shared cifs sec=krb5,multiuser,username=cifsuser 0 0 and replacing the server with its IP, but nothing.
The manual mount works fine.
Do you mount manually as root or as some other user?
We use a low privilege user, cifsuser. We can't use root. Thanks
username=cifsuser gives just user name on *server* to authenticate mount. What is your *local*, client, user - also "cifsuser", correct? So you are able to mount manually when logged in locally as "cifsuser"?
Hi cifsuser can't login. Her only function is to get a ticket for the fileserver. That bit is working fine, just not where I want it: in fstab.
I'm sorry, but as you do not explain how you perform manual mount, it is not possible to even guess what's going wrong.
Hi My fault entirely. I'm hopeless at asking questions. As local user root (uid 0, gid 0) on a 12.3 client: mount -t cifs //altea/shared /home/shared -osec=krb5,multiuser,username=cifsuser Here is the configuration. Domain: hh3.site. IP: 192.168.1.x/255.255.255.0 1. A client. hostname: catral smb.conf [global] workgroup = HH3 realm = HH3.SITE security = ADS kerberos method = system keytab sssd.conf [sssd] #debug_level = 6 services = nss, pam config_file_version = 2 domains = default [nss] [pam] [domain/default] #debug_level=6 dyndns_update=true dyndns_refresh_interval=16 ad_hostname = catral.hh3.site ad_server = hh16.hh3.site ad_domain = hh3.site ldap_schema = ad id_provider = ad access_provider = simple enumerate = false cache_credentials = true #entry_cache_timeout = 60 auth_provider = krb5 chpass_provider = krb5 krb5_realm = HH3.SITE krb5_server = hh16.hh3.site krb5_kpasswd = hh16.hh3.site ldap_id_mapping=false ldap_referrals = false ldap_uri = ldap://hh16.hh3.site ldap_user_object_class = user ldap_user_name = samAccountName ldap_user_uid_number = uidNumber ldap_user_gid_number = gidNumber ldap_user_home_directory = unixHomeDirectory ldap_user_shell = loginShell ldap_group_object_class = group ldap_group_search_base = dc=hh3,dc=site ldap_group_name = cn ldap_group_member = member ldap_sasl_mech = gssapi ldap_sasl_authid = CATRAL$@HH3.SITE ldap_krb5_keytab = /etc/krb5.keytab ldap_krb5_init_creds = true 2. The file server hostname: altea smb.conf [global] workgroup = HH3 realm = HH3.SITE security = ADS kerberos method = secrets and keytab log level = 3 [users] path = /home/users read only = No [profiles] path = /home/profiles read only = No store dos attributes = Yes create mask = 0600 directory mask = 0700 browseable = No guest ok = No printable = No profile acls = Yes csc policy = disable [shared] path = /home/shared read only = No inherit acls = Yes --- --- --- 3. The DC hostname: hh16 smb.conf [global] workgroup = HH3 realm = HH3.SITE netbios name = HH16 server role = active directory domain controller server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate, dns dns forwarder = 192.168.1.1 idmap_ldb:use rfc2307 = yes [netlogon] path = /usr/local/samba/var/locks/sysvol/hh3.site/scripts read only = No [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org