#1 2020-05-30 19:07:38

theneuralbit
Member
Registered: 2018-02-24
Posts: 5

Kerberos, NFSv4 id mapping, and service accounts

Hi all,
I have a NAS that I'm trying to access from a couple of systems running Arch Linux (a laptop and a server) with id mapping. I've set up a Kerberos KDC on the server and configured the NAS and both Arch clients to perform NFSv4 id mapping using Kerberos for authentication. This seems to be working as intended for my own user account after much fiddling - I can run kinit to authenticate as myself and the files I own are mapped properly.

Now onto my question: I'd also like to do id mapping for an account that exists on my server only for running a service, and can't be logged into (specifically the plex account running Plex Media Server). Is there a good way to get a Kerberos ticket for accounts like this?

I considered getting a ticket based on a keytab for the plex account, somewhat like what's described here: https://kb.iu.edu/d/aumh#use, but I'm not sure that would work since the ticket would eventually expire. Ideally whatever I do for the plex user would be permanent. Is something like this impossible without a Kerberized version of Plex?

Thanks for your help!
