Bug 430941 - Lack of instruction about how to utilize the authentication service of the IPA
Lack of instruction about how to utilize the authentication service of the IPA
Product: freeIPA
Classification: Community
Component: ipa-server (Show other bugs)
All Linux
high Severity medium
: ---
: ---
Assigned To: Rob Crittenden
Chandrasekar Kannan
Depends On:
Blocks: 429034
  Show dependency treegraph
Reported: 2008-01-30 13:42 EST by Yi Zhang
Modified: 2013-12-08 20:47 EST (History)
3 users (show)

See Also:
Fixed In Version: freeipa-2.0.0-1.fc15
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2012-03-27 03:14:49 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Yi Zhang 2008-01-30 13:42:34 EST
Description of problem: In PRD: utilize the authentication service of the IPA is
clearly defined (as below), but there is no instruction from dev about 
I1) the current implementation 
(2) expected IPA server & client behave. 

[Req9.6] The following client applications should utilize the authentication
service of the IPA product 
    * NFS v4 filesharing - configuration documentation to be provided 

Version-Release number of selected component (if applicable): 1.0

Please provide necessary document so QA can write test case

Comment 2 Rob Crittenden 2008-02-07 11:29:22 EST
Simo noted on a mailing list:

You have to run rpc.svcgssd on the server and rpc.gssd on
the client (or both on client and server).

If you don't run rpc.gssd on the client the kernel can't use the user
space daemon to do the GSSAPI work.
Comment 3 Rob Crittenden 2008-02-11 19:36:51 EST
The procedure has been documented at:

Comment 4 Chandrasekar Kannan 2008-04-07 09:07:25 EDT
Yes. NFSv4 w/Kerberos instructions are now available in freeipa.org client
configuration documentation that has been tested and verified.

marking this bug verified.

Note You need to log in before you can comment on or make changes to this bug.