On Mon, 7 Mar 2011, Nico Kadel-Garcia wrote: > NFSv4 is *NOT* your friend, and Kerberizing it effectively is not > trivial. I'm using Centrify for that and to have a reliable upstream > vendor who can actually support it. (I'm on a contract.) What's the > issue you're encountering, besides the lack of "nfs4-acl-editor" in > the RPM's. With a CentOS 5 server and a CentOS 5 client, I've yet to manage to get it play nicely for long periods without deciding that I'm evil. Sometimes it works fine, then a reboot or a minor tinker that I'm sure shouldn't affect anything will leave it refusing to mount with Operation not permitted. Or it'll let me mount it as root, but as soon as I use it with a kerberos ticket will have a big long pause before deciding it doesn't like me. Client works fine against an EMC box, and I've had the server working before I started using Active Directory. > nfs4-acl-editor is actually built into the nfs4 tools source tree, > it's just not compiled. It's not a perfect tool, but I think well > worth getting into the "extras" repository for CentOS. nfs4-acl-tools-0.3.3-1.el5, standard in CentOS. That not do what you need? jh