With GSSAPI enabled the user logs in fine with no further password prompt, but
they cannot access any of the NFSv4 disks. I don’t know how GSSAPI works but I
presume that it is passing on to the target system an existing Kerberos ticket,
which is accepted for login; but it cannot be forwarded a
Yes we do. We run a cluster which uses NFSv4 exclusively to access the
shared file system (on Dell PowerScale), so all users need the Kerberos
tickets from Active Directory to even access their login directories. We
use the RFC2307 attributes in AD to provide a consistent UID and GID for all
ou
