On 08/28/2013 06:04 PM, Barbara Krasovec wrote:
On 8/28/13 11:29 AM, natxo asenjo wrote:
for nfsv4 it is my understanding you need a central user store like ldap or nis (but don't use nis) or synchronize your password file to eternity. I do not have a centos nfs server (or a linux one, for that matter, what I want from nfsv4 are mainly the extended acls and those are not there until somebody wakes up and merges the richacl patch into the mainstream kernel), only clients, but they work fine using nfsv4 to both netapp as zfs (omnios) filers.
Both the clients as the filers are configured to lookup up users in ldap (ipa in our case).
I have no experience with idmapd in linux, but in solaris and netapp it gets ugly quite easily :-)
It also works with same UID-s on server/client, just setting the domainname in idmapd.conf. Ldap is not obligatory.
that's why I wrote 'synchronize your password file to eternity' ;-)
But really, don't do that, use a central store. Much easier unless you have a very very tiny network (but those tend to grow unexpectedly).