Re: No nfs SPN generated

Hi GidonMarcus, thanks for the explanation for setspn

After struggling with c-mode SPN i found nfs/* SPN acutally created on NFS-QAVS2-QACL6 account after running

vserver nfs kerberos interface*> modify -vserver qavs2 -lif lif2 -kerberos enabled -spn nfs/qavs2-qacl6.qa.arkivio.com@QA.ARKIVIO.COM -admin-username administrator

C:\Users\administrator.QA>setspn -L -C NFS-QAVS2-QACL6
Registered ServicePrincipalNames for CN=NFS-QAVS2-QACL6,CN=Computers,DC=qa,DC=arkivio,DC=com:
        nfs/qavs2-qacl6.qa.arkivio.com
        nfs/nfs-qavs2-qacl6.qa.arkivio.com
        nfs/NFS-QAVS2-QACL6
        HOST/nfs-qavs2-qacl6.qa.arkivio.com
        HOST/NFS-QAVS2-QACL6

 
nfs/* is missing on QAVS2-QACL6

C:\Users\administrator.QA>setspn -L -C QAVS2-QACL6
Registered ServicePrincipalNames for CN=QAVS2-QACL6,CN=Computers,DC=qa,DC=arkivio,DC=com:
        HOST/qavs2-qacl6.qa.arkivio.com
        HOST/QAVS2-QACL6

tried manually adding nfs/* to QAVS2-QACL6 with setspn with no luck as per TR4073 we definitely need SPN nfs/qavs2-qacl6.qa.arkivio.com for qavs2-qacl6.qa.arkivio.com instead of nfs-qavs2-qacl6.qa.arkivio.com(evening not exist in DNS)
any idea how to create nfs/qavs2-qacl6.qa.arkivio.com for qavs2-qacl6.qa.arkivio.com?(tried in ADSI EDIT deleting current qavs2-qacl6.qa.arkivio.com,and rename nfs-qavs2-qacl6.qa.arkivio.com to qavs2-qacl6.qa.arkivio.com,it's not working)  

C:\Users\administrator.QA>setspn.exe -S nfs/qavs2-qacl6 qavs2-qacl6
Registering ServicePrincipalNames for CN=QAVS2-QACL6,CN=Computers,DC=qa,DC=arkivio,DC=com
        nfs/qavs2-qacl6
Updated object

C:\Users\administrator.QA>setspn.exe -S NFS/QAVS2-QACL6.qa.arkivio.com QAVS2-QACL6
Checking domain DC=qa,DC=arkivio,DC=com
CN=NFS-QAVS2-QACL6,CN=Computers,DC=qa,DC=arkivio,DC=com
        nfs/qavs2-qacl6.qa.arkivio.com
        nfs/nfs-qavs2-qacl6.qa.arkivio.com
        nfs/NFS-QAVS2-QACL6
        HOST/nfs-qavs2-qacl6.qa.arkivio.com
        HOST/NFS-QAVS2-QACL6

Duplicate SPN found, aborting operation!  

 i suspect following mount error is caused by nfs/* is missing on qavs2-qacl6.qa.arkivio.com

[auto-stor@qa.arkivio.com@ark-centos-smb4 ~]$ sudo mount -t nfs -o v4.0,sec=krb5 qavs2-qacl6.qa.arkivio.com:/vol2/vol2nfs1 /nfs4-mnt-dir
[sudo] password for auto-stor@qa.arkivio.com:
mount.nfs: access denied by server while mounting qavs2-qacl6.qa.arkivio.com:/vol2/vol2nfs1