nfs共享(ldap+kerberos)
# yum -y install krb5-workstation sssd autoconfig-gtk
加入ldap+kerberos略
# kadmin
输入密码
ktadd -k krb5.keytab nfs /aa.ming.com
quit
# mkdir -p /nfssecure/nfsdata
# chown ldapuser2 /nfssecure/nfsdata
# echo '/nfssecure *.ming.com(sec=krb5p,rw)' >> /etc/exports
# vi /etc/idmapd.conf
Local-Realms=ming.com
:wq
# systemctl restart nfs-idamp
# systemctl restart nfs-secure-server
# systemctl restart nfs-server
# systemctl enable nfs-idamp
# systemctl enable nfs-secure-server
# systemctl enable nfs-server
# firewall-cmd --permanent --add-service=nfs
# firewall-cmd --permanent --add-service=mountd
# firewall-cmd --permanent --add-service=rpc-bind