****Re: [CentOS] Using CentOS 5 as server; best way to setup NFSv4?

Sun Aug 3 03:08:25 UTC 2008
Craig White <craigwhite at azapple.com>

On Sat, 2008-08-02 at 20:25 -0400, Ryan Dunn wrote:
> On Sat, Aug 2, 2008 at 12:44 AM, MJT <centos at mjt1.com> wrote:
>         If you are running your lan as a lab to learn, I would suggest
>         one thing. From
>         what I have read, it seems you just want to have everything
>         work together in
>         a simple manor.
>         Since you have windows involved, you might consider having
>         everything run with
>         samba. With samba, every system would be able to share and use
>         shares on
>         every other computer.
>         You could set up a samba server as a domain controller and use
>         something like
>         pam_smb, pam_ntdom or libpam-smbpass (i've used libpam-smbpass
>         on other
>         systems, but do know if centos makes it available anywhere, it
>         is the only
>         one that I know of that allows for update of the password from
>         Linux) to
>         allow the Linux boxes to authenticate against the samba
>         server.
>         http://www.freebooks.by.ru/view/SambaIn24h/ch16-03.htm
>         In this case, you would not need to set up LDAP which I think
>         is a bit much
>         for what it sounds like you are trying to do. Because you
>         would be mounting
>         Linux to Linux using Samba, you would not need to worry about
>         NFS at all.
>         If it were just a Linux home network, I would do NFS3 with
>         (probably a bad
>         word here) NIS. Yes, NIS is insecure, but so is NFS3. If you
>         use a firewall
>         that would block outgoing NIS packets, it should do good
>         enough for a home
>         network.
>         How this simplifies everything:
>         1: Only one network file system for both windows and Linux,
>         not NFS for Linux,
>         samba for windows.
>         2: Allows Linux access to windows shares and printers.
>         3: If you are using libpam-smbpass you do not need to use a
>         something like
>         LDAP, but rather passdb backend = tdbsam .
>         Your needs may be more complex than what I assumed, but I
>         wanted to put
>         forward one way to consider...
> Thanks MJT.  I kinda thought in the back of my head that I would end
> up with a solution similar to what you describe (I know I'll need to
> learn all about samba anyways).  
> In the meantime, I still want to play around with the ldap to see what
> all it can do.  So the nscd is what will copy the account info to the
> local drive so in the absence of the server, the laptop is still
> usable?  In my setup, I would want the $HOME drives to all be local,
> with a folder inside that would be the network share.
> One thing that I've been somewhat confused on is how to tell the NFS
> server to only use v4 or v3?  Right now I've only got tcp 2049 open in
> the centos firewall, so I'm assuming that it is NFSv4, but other than
> that, I don't know how to tell the difference.  I've look around for
> this and haven't found anything.
I am of the opinion that nscd causes far more problems than it solves
and wouldn't recommend usage.

For laptop purposes, you create the same user, same uid, same home
directory both as a local account and as an LDAP account so the laptop
will function either connected to LAN or not...it's tacky but it will

This is a good clean recommendation for NFS/Firewall...