Here is a general stepped list of tasks to complete in order to enable NFS on AIX:
1. Setup
- QAS installed and configured on the system; run the vastool status command to confirm there are no errors.
- Check that hostname = fqdn
- Check /etc/hosts integrity for $(uname -n) and localhost/loopback setup
- Install krb5.client and modcrypt.base
2. Configuration: nfs (note, we're not setting up the host mapping tables--not needed)
- chnfsdom domain.com
- chnfsrtd -a $(uname -n).domain.com domain.com
- chnfsrtd -a $(uname -n) domain.com
- nfshostkey -p nfs/$(uname -n).domain.com -f /etc/opt/quest/vas/host.keytab
- mkkrb5clnt -d domain.com -r domain.com -c domain.com -s domain.com
3. Configuration: QAS
- mv /etc/krb5/krb5.conf /etc/krb5/krb5.conf.orig
- cp /etc/opt/quest/vas/vas.conf /etc/krb5/krb5.conf
- mv /etc/krb5/krb5.keytab /etc/krb5/krb5.keytab.orig
- ln -s /etc/opt/quest/vas/host.keytab /etc/krb5/krb5.keytab
- vastool -u ADMIN -w PASSWD info toconf /etc/krb5/krb5.conf
- vastool configure -f /etc/krb5/krb5.conf vas libdefaults default_tkt_enctypes "des-cbc-crc des-cbc-md5 arcfour-hmac"
- vastool configure -f /etc/krb5/krb5.conf vas libdefaults default_tgs_enctypes "des-cbc-crc des-cbc-md5 arcfour-hmac"
- vastool configure vas libdefaults default_cc_name 'FILE:/var/krb5/security/creds/krb5cc_${uid}'
4. Configuration: principal and keys
- vastool -u ADMIN -w PASSWD setattrs -m -s host/$(uname -n) ServicePrincipalName host/$(uname -n) host/$(uname -n).domain.com nfs/$(uname -n).domain.com
- vastool ktutil alias host/$(uname -n).domain.com nfs/$(uname -n).domain.com
- ln -s /etc/opt/quest/vas/host.keytab /etc/opt/quest/vas/nfs.keytab
- vastool ktutil alias host/$(uname -n).domain.com nfs/$(uname -n).domain.com
- vastool -u ADMIN passwd -re -k /etc/opt/quest/vas/host.keytab nfs/
5. Complete the configuration
- stopsrc -s gssd
- chnfs -S -B
- startsrc -s nfsrgyd
- mkdir /mnt1
- chmod 755 /mnt1
- mount -o vers=4,sec=krb5 nas:/dir /mnt1
--> root will see an error on mount, but the file system is mounted
- Switch to a regular user:
- vastool kinit
- cd /mnt1
- touch file
- rm -f file
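
The checks called for in steps 1 and 3, as an added shell example (not part of the original procedure, and not QAS or AIX code): it tests the /etc/hosts entries, the krb5.keytab link and the enctypes written to krb5.conf. The /etc/hosts policy it enforces and the script name nfs_preflight.sh are assumptions; the single-DES and RC4 enctypes set in step 3 are reported as LEGACY because RFC 6649 and RFC 8429 deprecate them.

```shell
#!/bin/sh
# Added example: read-only checks for steps 1 and 3. Not part of QAS or AIX.

# hosts_ok FILE SHORT DOMAIN  (assumed policy: localhost on a loopback line,
# SHORT and SHORT.DOMAIN together on a non-loopback line, neither on loopback)
hosts_ok() {
    awk -v short="$2" -v fqdn="$2.$3" '
        { sub(/#.*/, "") }                      # drop comments
        NF < 2 { next }
        {
            lo = ($1 ~ /^127\./ || $1 == "::1"); s = 0; f = 0
            for (i = 2; i <= NF; i++) {
                if ($i == short) s = 1
                if ($i == fqdn)  f = 1
                if (lo && $i == "localhost") lh = 1
            }
            if (lo && (s || f)) bad = 1         # host name bound to loopback
            if (!lo && s && f)  ok = 1
        }
        END { exit !(lh && ok && !bad) }' "$1"
}

# keytab_linked LINK TARGET: LINK must be a symlink pointing at TARGET.
keytab_linked() {
    [ -L "$1" ] || return 1
    [ "$(ls -ld "$1" | sed 's/.* -> //')" = "$2" ]
}

# weak_enctypes FILE: print "key:enctype" for each single-DES or RC4 entry
# under default_tkt_enctypes / default_tgs_enctypes.
weak_enctypes() {
    awk -F= '
        $1 ~ /^[ \t]*default_(tkt|tgs)_enctypes[ \t]*$/ {
            key = $1; gsub(/[ \t]/, "", key)
            n = split($2, e, /[ \t,]+/)
            for (i = 1; i <= n; i++)
                if (e[i] ~ /^(des-|arcfour-|rc4-)/) print key ":" e[i]
        }' "$1"
}

# Run against the live paths from the procedure: sh nfs_preflight.sh audit domain.com
if [ "${1:-}" = "audit" ]; then
    dom=${2:?usage: audit <domain>}
    hosts_ok /etc/hosts "$(uname -n)" "$dom" || echo "FAIL: /etc/hosts"
    keytab_linked /etc/krb5/krb5.keytab /etc/opt/quest/vas/host.keytab ||
        echo "FAIL: krb5.keytab is not a link to host.keytab"
    weak_enctypes /etc/krb5/krb5.conf | sed 's/^/LEGACY: /'
fi
```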