NFSv4, how to map uid and gid with LDAP?

[olav]

I've configured a NFSv4 server and a NFSv4 client, this works perfectly as long as I play with the same uid and gid on both systems in their passwd file. But how can I get it to work with LDAP?

 

[SirDice]

LDAP will give you a centralized accounts database. That means that every user will have the same UID/GID on every server.

http://www.freebsd.org/doc/en/articles/ldap-auth/index.html

 

[olav]

Yes, but I only get nouser, nogroup when I mount with nsfv4

 

[SirDice]

What is the contents of your /etc/exports? And what have you enabled in /etc/rc.conf regarding NFS and RPC?

 

[olav]

Client:
/etc/rc.conf

nfs_client_enable="YES"
nfscbd_enable="YES"
nfsuserd_enable="YES"
nfsuserd_flags="-domain example.com"
rpcbind_enable="YES"           
mountd_flags="-r -p 736"
rpc_lockd_enable="YES"
rpc_statd_enable="YES"

Server:
/etc/exports

V4: / 
/tank/home -maproot=0 -network 192.168.10.210 -mask 255.255.255.0
/tank/home/ole -maproot=0 -network 192.168.10.210 -mask 255.255.255.0
/tank/home/olav -maproot=0 -network 192.168.10.210 -mask 255.255.255.0
/tank/home/hakon -maproot=0 -network 192.168.10.210 -mask 255.255.255.0

/etc/rc.conf

nfs_server_enable="YES"
nfsv4_server_enable="YES"
nfsuserd_enable="YES"
nfsuserd_flags="-domain example.com"
rpcbind_enable="YES"
mountd_flags="-r -p 736"
rpc_lockd_enable="YES"
rpc_statd_enable="YES"

I've also configured /etc/hosts.allow

rpcbind : 192.168.10.0/255.255.255.0 : allow
rpcbind : ALL : deny

 

[olav]

I think I'm on to something here. I've added ldap to the NFS server and configured /etc/pam.d/system

The user gets correctly mapped on the server, but when mounted on the client (which already has a working ldap setup) I get uid and gid 32767.