> The fact that Fedora and FreeBSD show nobody for file ownership even when they seems to do the right thing when talking to the NFSv4 server
At least in my production Kerberized NFSv4 environment, this indicates rpc.idmapd isn't running. You will need it on _both_ the server and client. A simple "Domain = your.domain.here", "Local-Realms = your.domain.here" will suffice. Older kernels require a reboot before this config takes effect.
Re: files that are misattributed to nobody/nogroup, I've seen this before (on Debian, as it happens).
The problem came from an unexpected source: /etc/hosts. Originally my machines each had a hosts entry such as:
a.b.c.d myhost myhost.mydomain
But I learned that uid/gid resolution on the NFS client worked only if the qualified name comes first:
a.b.c.d myhost.mydomain myhost
Unfortunately it's been a while since this discovery, so I don't have a reference to whatever docs/bugs/etc. clued me in to this. Hope it works for you!
>Having to type kinit after logging into the machine is annoying.
I'm circunventing that by using sssd in the clients
> The fact that Fedora and FreeBSD show nobody for file ownership even when they seems to do the right thing when talking to the NFSv4 server
At least in my production Kerberized NFSv4 environment, this indicates rpc.idmapd isn't running. You will need it on _both_ the server and client. A simple "Domain = your.domain.here", "Local-Realms = your.domain.here" will suffice. Older kernels require a reboot before this config takes effect.
Re: files that are misattributed to nobody/nogroup, I've seen this before (on Debian, as it happens).
The problem came from an unexpected source: /etc/hosts. Originally my machines each had a hosts entry such as:
a.b.c.d myhost myhost.mydomain
But I learned that uid/gid resolution on the NFS client worked only if the qualified name comes first:
a.b.c.d myhost.mydomain myhost
Unfortunately it's been a while since this discovery, so I don't have a reference to whatever docs/bugs/etc. clued me in to this. Hope it works for you!