OS X Server 10.4.8 + NFS Userhomes problem

[zebrac]

Hi all. First time poster – long time lurker. I’ve also posted something similar over @ macfixit – just to widen the chances of getting a useful solution to this headache.

I’ve got a complex little problem concerning NFS Userhome’s.

The backstory to this, is that I have the requirement to make NFS Userhomes work. Why? I’m building a large Sun Microsystems SAM-QFS SAN environment. As some of you are probably aware, AFP frontend exports/services don’t magically exist in the Sun environment, let alone under SAM-QFS control! ;). Essentially, we need to pop OS X network userhomes on BIG SAM-QFS controlled NFS exports because, for the purposes of enterprise redundancy, control and resilence, I cannot rely on XSAN/XServe RAID based solutions. It’s far too big, far too mission critical, unfortunately – added to this that I require true HSM (hence, SAM-QFS is ideal).

The scenario/little test environment in my lab:

1. Server – Mac OS X 10.4.8 and 10.5 [192.168.0.11], running OpenDirectory services, AFP, NFS, FTP for user authentication etc on x86 MacBook Pro

2. Server – Solaris 10 x86-64 [192.168.0.10]. Again, not running on a Sun box yet – just a tidy virtual machine for the time being. From this server, I have a large NFS export sent out, targetting a specific address on the network [192.168.0.11, which is the OS X Server], using the [email protected] and root_no_squash options (this prevents locking and permissions issues, sharing the imported NFS mount in WGM, under OS X).

3. Client. An Intel MacBook 13″ [192.168.0.12] that has been bound using “Directory access” tool to the OS X server. It detected the Directory node and locked directory access to it instantly. No probs there.

So, we know the components of the environment now.

The NFS export from the Solaris server is imported into the OS X 10.4.8/5 server using the little option WGA gives you, to automount. If I run a df -h from the command line, it shows up as a correctly automountable volume under /private/var …..blah blah.

So, with this in mind, I clicked “share this item” in the sharing section of WGA. I then selected the ability to allow it’s use for UserHomes and ticked “create mount record” etc etc. I selected Export via NFS and specified a client (being 192.168.0.12).

Next, I created a userhome for a new user (lets call him test_nfs_guy) and selected this NFS reshare (as it goes “through” AFP, so it seems!) and sure enough, if I look in my /export/OSX_Userhomes on the Solaris boxen, there is a new home-dir created, with the appropriate skeleton structure all in place (Documents, libraries, music, public), all the normal directories one expects to find in a home-dir. It’s communicating fine with the NFS export/import, or so it seems.

So, time to try and log a client in.

So – lets log test_nfs_guy in on the 192.168.0.12 MacBook 13″. It pretty much instantly authenticates with the OD – and allows the login process begin. Crunch crunch crunch. Then something less than happy happens -_-.

The message “home folder for user test_nfs_guy is not located in the usual place or has…” comes up on login. So, we are logged in just fine – but the home-directory has not mapped???!

The odd part? If I go–>connect to server then pop in 192.168.0.11 [the OS X server] AFP will connect me and authenticate me to the “home directory” which is living on 192.168.0.10 perfectly fine! I can see it. I can write to it, I can read from it – yet I can’t have it mount as a UserHome on login of a WGA controlled user!

Very, VERY frustrating.

What am I doing wrong guys?

Thanks. Any help would be most appreciated.

Cheers.

z.

[zebrac]

[QUOTE][u]Quote by: macshome[/u]

Why not just go direct to the Sun box for the NFS homes and leave the reshare bit out?

[/QUOTE]

It doesn’t seem to be that simple. In order to HAVE a WGM controlled userhome (from what I understand) you need to reshare the NFS export from the Solaris box – so that WGM can “see” it and do anything useful with it.

Maybe I am all mixed up on the matter?

Help/suggestions would be appreciated.

[john]

Had tried doing something similiar to this in a linux/osx environment some time ago – I thing using 10.3.8 Panther OSX Server and Redhat and SUSE nfs exported home directories. Suffice it say I could not get it to work. I think there is a problem applying afp to an nfs mount. Got around the problem by using nis from the linux side and ditching OSX Server.

I know there are now new problems with nfs and automount on the Intel builds of OSX that may cause even more grief with what you are trying to achieve. Sorry this is not of much help, but I wish you luck and I will be interested to see if you can get it to work

[john]

Had tried doing something similiar to this in a linux/osx environment some time ago – I thing using 10.3.8 Panther OSX Server and Redhat and SUSE nfs exported home directories. Suffice it say I could not get it to work. I think there is a problem applying afp to an nfs mount. Got around the problem by using nis from the linux side and ditching OSX Server.

I know there are now new problems with nfs and automount on the Intel builds of OSX that may cause even more grief with what you are trying to achieve. Sorry this is not of much help, but I wish you luck and I will be interested to see if you can get it to work

[cadeon]

[QUOTE][u]Quote by: zebrac[/u][p][QUOTE][u]Quote by: macshome[/u]

Why not just go direct to the Sun box for the NFS homes and leave the reshare bit out?

[/QUOTE]

It doesn’t seem to be that simple. In order to HAVE a WGM controlled userhome (from what I understand) you need to reshare the NFS export from the Solaris box – so that WGM can “see” it and do anything useful with it.

Maybe I am all mixed up on the matter?

Help/suggestions would be appreciated.[/p][/QUOTE]

I was running into this same issue at home- I was running OS X server on my old iBook, which obviously didn’t have enough drive space to hold my homes. My linux box had all the drive space on it, and an NFS share- which is where I wanted the homes to be.

Resharing is dumb, stupid, slow, and barely even works. Don’t do it. Ever. Don’t even accept that it exists.

I did some digging in the WGM Inspector thingy (You can turn it on in Preferences) and found that when you make something network automountable, it creates a ‘mount record’ for it. You can find this record via the inspector tab and chosing ‘mounts’ in the drop down.

Once you have one as a model, you can modify it to point at your desired host / share, which doesn’t have to be an OS X Server. In my case it was a linux box but I assume it could be anything.

Setting up a linux machine to authenticate against the OS X server’s LDAP is fairly easy too (and covered elsewhere, so I’ll skip it) and therefore the UIDs and GIDs will match up when you’re logged into your linux box. Your home on your Mac now = your home on your *nix. It works, Very, very well.

I’ve used this method with AFP also, with success, using a linux box with netatalk sharing things out. I prefer NFS, but try AFP if you want to. It could be an easy way to make use of some older Mac hardware. . . just setup your share on it, and network automount it with a custom mount record.

😀 😀

[Author]

Posts