Code: Select all
sudo mount -t nfs -o v4.0,sec=krb5 qavs3-qacl6.qa.arkivio.com:/vol2/vol2nfs1 /nfs4-mnt-dir
from below netapp nfsv4 server log centos using SPN with machine account(ARK-CENTOS7-KER$@QA.ARKIVIO.COM) instead of user account(qa1@qa.arkivio.com)
Code: Select all
[ 11] Trying to map SPN 'ARK-CENTOS7-KER$@QA.ARKIVIO.COM' to UNIX user 'ARK-CENTOS7-KER$' using implicit mapping
here is kerberos tickets in centos
Code: Select all
[qa1@ark-centos7-ker ~]$ sudo klist -kte
Keytab name: FILE:/etc/krb5.keytab
KVNO Timestamp Principal
---- ------------------- ------------------------------------------------------
2 04/12/2018 23:13:17 host/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (des-cbc-crc)
2 04/12/2018 23:13:17 host/ARK-CENTOS7-KER@QA.ARKIVIO.COM (des-cbc-crc)
2 04/12/2018 23:13:17 host/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (des-cbc-md5)
2 04/12/2018 23:13:17 host/ARK-CENTOS7-KER@QA.ARKIVIO.COM (des-cbc-md5)
2 04/12/2018 23:13:17 host/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (aes128-cts-hmac-sha1-96)
2 04/12/2018 23:13:17 host/ARK-CENTOS7-KER@QA.ARKIVIO.COM (aes128-cts-hmac-sha1-96)
2 04/12/2018 23:13:17 host/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (aes256-cts-hmac-sha1-96)
2 04/12/2018 23:13:17 host/ARK-CENTOS7-KER@QA.ARKIVIO.COM (aes256-cts-hmac-sha1-96)
2 04/12/2018 23:13:17 host/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (arcfour-hmac)
2 04/12/2018 23:13:17 host/ARK-CENTOS7-KER@QA.ARKIVIO.COM (arcfour-hmac)
2 04/12/2018 23:13:17 ARK-CENTOS7-KER$@QA.ARKIVIO.COM (des-cbc-crc)
2 04/12/2018 23:13:17 ARK-CENTOS7-KER$@QA.ARKIVIO.COM (des-cbc-md5)
2 04/12/2018 23:13:17 ARK-CENTOS7-KER$@QA.ARKIVIO.COM (aes128-cts-hmac-sha1-96)
2 04/12/2018 23:13:17 ARK-CENTOS7-KER$@QA.ARKIVIO.COM (aes256-cts-hmac-sha1-96)
2 04/12/2018 23:13:17 ARK-CENTOS7-KER$@QA.ARKIVIO.COM (arcfour-hmac)
2 04/12/2018 23:13:17 nfs/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (des-cbc-crc)
2 04/12/2018 23:13:17 nfs/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (des-cbc-md5)
2 04/12/2018 23:13:17 nfs/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (aes128-cts-hmac-sha1-96)
2 04/12/2018 23:13:18 nfs/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (aes256-cts-hmac-sha1-96)
2 04/12/2018 23:13:18 nfs/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (arcfour-hmac)
3 05/13/2018 01:17:56 ARK-CENTOS7-KER$@QA.ARKIVIO.COM (des-cbc-crc)
3 05/13/2018 01:17:56 ARK-CENTOS7-KER$@QA.ARKIVIO.COM (des-cbc-md5)
3 05/13/2018 01:17:56 ARK-CENTOS7-KER$@QA.ARKIVIO.COM (arcfour-hmac)
3 05/13/2018 01:17:56 ARK-CENTOS7-KER$@QA.ARKIVIO.COM (aes128-cts-hmac-sha1-96)
3 05/13/2018 01:17:56 ARK-CENTOS7-KER$@QA.ARKIVIO.COM (aes256-cts-hmac-sha1-96)
3 05/13/2018 01:17:56 host/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (des-cbc-crc)
3 05/13/2018 01:17:56 host/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (des-cbc-md5)
3 05/13/2018 01:17:56 host/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (arcfour-hmac)
3 05/13/2018 01:17:56 host/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (aes128-cts-hmac-sha1-96)
3 05/13/2018 01:17:56 host/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (aes256-cts-hmac-sha1-96)
3 05/13/2018 01:17:56 host/ARK-CENTOS7-KER@QA.ARKIVIO.COM (des-cbc-crc)
3 05/13/2018 01:17:56 host/ARK-CENTOS7-KER@QA.ARKIVIO.COM (des-cbc-md5)
3 05/13/2018 01:17:56 host/ARK-CENTOS7-KER@QA.ARKIVIO.COM (arcfour-hmac)
3 05/13/2018 01:17:56 host/ARK-CENTOS7-KER@QA.ARKIVIO.COM (aes128-cts-hmac-sha1-96)
3 05/13/2018 01:17:56 host/ARK-CENTOS7-KER@QA.ARKIVIO.COM (aes256-cts-hmac-sha1-96)
3 05/13/2018 01:17:56 nfs/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (des-cbc-crc)
3 05/13/2018 01:17:56 nfs/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (des-cbc-md5)
3 05/13/2018 01:17:56 nfs/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (arcfour-hmac)
3 05/13/2018 01:17:56 nfs/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (aes128-cts-hmac-sha1-96)
3 05/13/2018 01:17:56 nfs/ark-centos7-ker.qa.arkivio.com@QA.ARKIVIO.COM (aes256-cts-hmac-sha1-96