[OmniOS-discuss] NFSv4 id mapping only working on client but not server?
Ian Kaufman
ikaufman at eng.ucsd.edu
Wed Dec 17 00:29:39 UTC 2014
There has been some work on multi-domain Kerberos in NFSv4, going back
to 2010. Not sure where things stand though.
https://www.ietf.org/proceedings/10mar/slides/nfsv4-5.pdf
Ian
On Tue, Dec 16, 2014 at 4:27 PM, Paul B. Henson <henson at acm.org> wrote:
>> From: Schweiss, Chip
>> Sent: Tuesday, December 16, 2014 6:02 AM
>>
>> It seems there a many ways to map ID in NFSv4, is there a way to not map
>> them at all?
>
> I believe linux supports disabling ID mapping and using raw uid/gids on the wire instead of strings, but I don't think illumos does?
>
>> All the current file systems being migrated are NFSv3 with AUTH_SYS. I'd
>> consider moving them all to kerberos authentication, but something tells me
>> that may be impossible with the multiple domains.
>
> Multiple Kerberos realms too? I don't think illumos can have more than one kerberos realm defined for NFS...
>
>
--
Ian Kaufman
Research Systems Administrator
UC San Diego, Jacobs School of Engineering ikaufman AT ucsd DOT edu
More information about the OmniOS-discuss
mailing list