NFS Kerberos mount permission denied because machine account reused
Applies to
- ONTAP 9
- Kerberized NFS
Issue
- Client gets
mount.nfs: mount(2): Permission deniedwhen trying to to mount Kerberized NFSsec=krb5 - EMS says
[?] Thu Jun 20 13:20:34 -0500 [node1: secd: secd.nfsAuth.problem:error]: vserver (svm1) General NFS authorization problem. Error: RPC accept GSS token procedure failed [ 3 ms] Acquired NFS service credential for logical interface 1030 (SPN='nfs/fqdn.domain.com@REALM.COM'). **[ 3] FAILURE: Failed to accept the context: Unspecified GSS failure. Minor code may provide more information (minor: Cannot decrypt ticket for nfs/fqdn.domain.com@REALM.COM using keytab key for nfs/fqdn.domain.com@REALM.COM)
