Hi, I am using a test computer kernel 2.6.32-279.11.1.el6.x86_64 joined to an Active directory with winbind I am getting A kerberos Ticket with the authentication with /etc/security/pam_winbind.conf krb5_auth = yes krb5_ccache_type = FILE /etc/request-key.conf is configured like this : create cifs.spnego * * /usr/sbin/cifs.upcall %k create dns_resolver * * /usr/sbin/cifs.upcall %k I got the ticket from kerberos [conrad3@centad5 ~]$ klist Ticket cache: FILE:/tmp/krb5cc_16777217 Default principal: conrad3@DOMAIN.LOCAL Valid starting Expires Service principal 11/07/12 00:33:48 11/07/12 10:33:48 krbtgt/DOMAIN.LOCAL@DOMAIN.LOCAL renew until 11/14/12 00:33:48 11/07/12 00:33:48 11/07/12 10:33:48 CENTAD5$@DOMAIN.LOCAL renew until 11/14/12 00:33:48 11/07/12 00:33:48 11/07/12 10:33:48 CENTAD5$@DOMAIN.LOCAL renew until 11/14/12 00:33:48 11/07/12 00:41:57 11/07/12 10:33:48 cifs/figue@DOMAIN.LOCAL renew until 11/14/12 00:33:48 When i put a entry in fstab, everything is working when i do mount /partage as a user FSTAB //figue/data/conrad4 /partage cifs sec=krb5i,user,nounix,file_mode=0700,dir_mode=0700,noauto fs/cifs/cifs_spnego.c: key description = ver=0x2;host=figue;ip4=130.120.x.xx;sec=krb5;uid=0x1000001;creduid=0x1000001;user=conrad3 ;pid=0xc2d Howether i got a problem with fstab, it seems to not pass the creduid options,and i obtain CIFS VFS: cifs_mount failed w/return code = -126 Hereis my different autofs configuration, with the result in dmesg AUTOFS * -fstype=cifs,sec=krb5i,user=& ://figue/data/& fs/cifs/cifs_spnego.c: key description = ver=0x2;host=figue;ip4=130.120.xx.xx;sec=krb5;uid=0x0;creduid=0x0;user=conrad3;pid=0xc6e * -fstype=cifs,sec=krb5i,user=&,uid=& ://figue/data/& fs/cifs/cifs_spnego.c: key description = ver=0x2;host=figue;ip4=130.120.xx.xx;sec=krb5;uid=0x1000001;creduid=0x0;user=conrad3;pid= 0xd02 * -fstype=cifs,sec=krb5i,user=&,uid=&,creduid=& ://figue/data/& fs/cifs/cifs_spnego.c: key description = ver=0x2;host=figue;ip4=130.120.xx.xx;sec=krb5;uid=0x1000001;creduid=0x0;user=conrad3;pid= 0xd02 What could be done to use autofs ?? Regards Serge FULL DEBUG TRACE : fs/cifs/cifsfs.c: Devname: //figue/data/conrad3 flags: 0 fs/cifs/connect.c: CIFS VFS: in cifs_mount as Xid: 99 with uid: 0 fs/cifs/connect.c: prefix path /conrad3 fs/cifs/connect.c: Username: conrad3 fs/cifs/connect.c: UNC: \\figue\data ip: 130.120.xx.xx fs/cifs/connect.c: Socket created fs/cifs/connect.c: sndbuf 23720 rcvbuf 87380 rcvtimeo 0x1b58 fs/cifs/connect.c: CIFS VFS: in cifs_get_smb_ses as Xid: 100 with uid: 0 fs/cifs/connect.c: Existing smb sess not found fs/cifs/cifssmb.c: secFlags 0x1009 fs/cifs/cifssmb.c: Kerberos only mechanism, enable extended security fs/cifs/transport.c: For smb_command 114 fs/cifs/transport.c: Sending smb: total_len 82 fs/cifs/connect.c: Demultiplex PID: 3332 fs/cifs/connect.c: rfc1002 length 0xc5 fs/cifs/transport.c: cifs_sync_mid_result: cmd=114 mid=1 state=4 fs/cifs/cifssmb.c: Dialect: 2 fs/cifs/asn1.c: OID len = 7 oid = 0x1 0x2 0x348 0xbb92 fs/cifs/asn1.c: OID len = 7 oid = 0x1 0x2 0x348 0x1bb92 fs/cifs/asn1.c: OID len = 8 oid = 0x1 0x2 0x348 0x1bb92 fs/cifs/asn1.c: OID len = 10 oid = 0x1 0x3 0x6 0x1 fs/cifs/asn1.c: Need to call asn1_octets_decode() function for not_defined_in_RFC4178@please_ignore fs/cifs/cifssmb.c: Must sign - secFlags 0x1009 fs/cifs/cifssmb.c: negprot rc 0 fs/cifs/connect.c: Security Mode: 0xf Capabilities: 0x8001f3fd TimeAdjust: -3600 fs/cifs/sess.c: sess setup type 4 fs/cifs/cifs_spnego.c: key description = ver=0x2;host=figue;ip4=130.120.xx.xx;sec=krb5;uid=0x1000001;creduid=0x0;user=conrad3;pid= 0xd02 fs/cifs/sess.c: ssetup freeing small buf ffff88003da91140 CIFS VFS: Send error in SessSetup = -126 fs/cifs/connect.c: CIFS VFS: leaving cifs_get_smb_ses (xid = 100) rc = -126 fs/cifs/connect.c: CIFS VFS: leaving cifs_mount (xid = 99) rc = -126 CIFS VFS: cifs_mount failed w/return code = -126 Une messagerie gratuite, garantie à vie et des services en plus, ça vous tente ? Je crée ma boîte mail www.laposte.net -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
