Luc*_*ngi 5 linux nfs kerberos windows-server-2012-r2
我使用 Windows Storage Server 作为文件服务器,现在需要为 linux 客户端机器设置 NFS 共享
在我的测试 Ubuntu 桌面上,我安装了 Kerberos 客户端并使用 kutil 命令设置了密钥表
klist 命令显示票证,但 mount 命令失败
以下是相关详细信息: krb5.conf
[libdefaults]
default_realm = SUB.DOMAIN.COM
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
default_tkt_enctypes = aes256-cts-hmac-sha1-96
default_tgt_enctypes = aes256-cts-hmac-sha1-96
[realms]
SUB.DOMAIN.COM = {
kdc = ad.domain.com
admin_server = ad.domain.com
}
[domain_realm]
.domain.com = SUB.DOMAIN.COM
domain.com = SUB.DOMAIN.COM
Klist命令的输出:
Ticket cache: FILE:/tmp/krb5cc_2595
Default principal: user@SUB.DOMAIN.COM
Valid starting Expires Service principal
2017-07-06 12:19:05 2017-07-06 22:19:05 krbtgt/SUB.DOMAIN.COM@SUB.DOMAIN.COM
renew until 2017-07-13 12:19:01
尝试挂载时出错
sudo mount -v -o sec=krb5,vers=3 fileserver:/user /home/userfolder
mount.nfs: timeout set for Thu Jul 6 12:45:01 2017
mount.nfs: trying text-based options 'sec=krb5,vers=3,addr=192.168.2.14'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: trying 192.168.2.14 prog 100003 vers 3 prot TCP port 2049
mount.nfs: prog 100005, trying vers=3, prot=17
mount.nfs: trying 192.168.2.14 prog 100005 vers 3 prot UDP port 2049
mount.nfs: mount(2): Invalid argument
mount.nfs: an incorrect mount option was specified
共享设置为使用 Kerberos v5 进行身份验证
我错过了什么?
Windows Sever 有可怕的 NFS 服务器堆栈:性能不是很好,并且 mgmt 充其量是笨拙的。你可以做什么:启用 Hyper-V 角色并生成一个 FreeBSD 或 Linux VM,里面有一个“普通”的 NFS 服务器。
| 归档时间: |
|
| 查看次数: |
1192 次 |
| 最近记录: |