OEL 6.3 - mount.nfs: access denied by server

Hi,
I am trying to mount an NFS directory on a server running OEL 6.3, pointing to another OEL 6.3 server. I get the following error:
[oracle@csdowmsdb503 etc]$ mount 192.x.x.x:/home/oracle/m501/m501_f /home/oracle/m501_f/
mount.nfs: access denied by server while mounting 192.x.x.x:/home/oracle/m501/m501_f
The UIDs and GIDs on each server match. If we use "nfsvers=3" it work, so it seems to be something specific to vers 4. We would like to not use the vers 3 workaround.
Thanks!

Hi,
When I added "- v" I realized it is actually erroring out on vers=4 and defaulting to vers=3 instead. The error it shows is now "No such file or directory."
[oracle@xxx503 m501_g]$ sudo mount -v -t nfs xxx.xxx.xxx.35:/home/oracle/m501/m501_g /home/oracle/m501_g/
mount.nfs: timeout set for Fri Nov 9 10:46:27 2012
mount.nfs: trying text-based options 'vers=4,addr=xxx.xxx.xxx.35,clientaddr=xxx.xxx.xxx.37'
mount.nfs: mount(2): No such file or directory
mount.nfs: trying text-based options 'addr=xxx.xxx.xxx.35'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: trying xxx.xxx.xxx.35 prog 100003 vers 3 prot TCP port 2049
mount.nfs: prog 100005, trying vers=3, prot=17
mount.nfs: trying xxx.xxx.xxx.35 prog 100005 vers 3 prot UDP port 37692
xxx.xxx.xxx.35:/home/oracle/m501/m501_g on /home/oracle/m501_g type nfs (rw)

Similar Messages

Mount.nfs: access denied

Hi,
I've been trying the very basic NFS configuration, using ArchWiki.
/etc/hosts, client side:
# /etc/hosts: static lookup table for host names
#<ip-address> <hostname.domain.org> <hostname>
127.0.0.1 rimfirebox localhost.localdomain localhost
::1 rimfirebox localhost6.localdomain6 localhost6
192.168.1.34 rimfirebox.localdomain rimfirebox
192.168.1.33 stovepipebox.localdomain stovepipebox
# End of file
Server:
hosts.allow:
# /etc/hosts.allow
nfsd: ALL
portmap: ALL
mountd: ALL
# End of file
hosts.deny:
# /etc/hosts.deny
ALL: ALL
# End of file
/etc/exports:
# /etc/exports
# See exports(5) for a description.
# use exportfs -arv to reread
#/export 192.168.1.10(rw,no_root_squash)
/home/alexey/common *(ro,sync)
The required directory is apparently exported, but "access denied":
[alexey@rimfirebox ~]$ showmount -e stovepipebox
Export list for stovepipebox:
/home/alexey/common *
[alexey@rimfirebox ~]$ sudo mount stovepipebox:/home/alexey/common /mnt/stovepipe
mount.nfs: access denied by server while mounting stovepipebox:/home/alexey/common
Where am I supposed to look?
Last edited by Llama (2011-01-17 08:03:31)

My studies turned up that there's NFSv4 there .
https://wiki.archlinux.org/index.php/Nfs
https://wiki.archlinux.org/index.php/NFSv4
https://help.ubuntu.com/community/NFSv4Howto
So I've made another go:
/etc/exports:
# /etc/exports
# See exports(5) for a description.
# use exportfs -arv to reread
#/export 192.168.1.10(rw,no_root_squash)
/export 192.168.1.34(rw,fsid=0,insecure,no_subtree_check,async)
/export/alexey 192.168.1.34(rw,nohide,insecure,no_subtree_check,async)
/etc/fstab:
/home/alexey /export/alexey none bind 0 0
/etc/idmapd.conf:
[General]
Verbosity = 0
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
Domain = localdomain
[Mapping]
Nobody-User = nobody
Nobody-Group = nobody
[Translation]
Method = nsswitch
My first question: what my Domain actually is? Do I have to change it to something from my /etc/hosts? Do I have to mend /etc/hosts or something else?
Starting server:
[alexey@stovepipebox ~]$ sudo /etc/rc.d/rpcbind start
:: Starting rpcbind [DONE]
[alexey@stovepipebox ~]$ sudo /etc/rc.d/nfs-common start
:: Starting rpc.statd daemon [DONE]
:: Mounting pipefs filesystem [BUSY] :: Starting rpc.idmapd daemon [DONE]
[alexey@stovepipebox ~]$ sudo /etc/rc.d/nfs-server start
:: Mounting nfsd filesystem [DONE]
:: Exporting all directories [DONE]
:: Starting rpc.nfsd daemon [DONE]
:: Starting rpc.mountd daemon [DONE]
Is the [BUSY] thing OK?
Client side:
[alexey@rimfirebox ~]$ showmount -e stovepipebox
Export list for stovepipebox:
/export/alexey 192.168.1.34
/export 192.168.1.34
[alexey@rimfirebox ~]$ sudo /etc/rc.d/rpcbind start
Password:
:: Starting rpcbind [DONE]
[alexey@rimfirebox ~]$ sudo /etc/rc.d/nfs-common start
:: Starting rpc.statd daemon [DONE]
[alexey@rimfirebox ~]$ sudo mount -t nfs4 stovepipebox:/ /mnt
mount.nfs4: No such device
Here I at the very least have no clear idea what names to use. Please, help.
Last edited by Llama (2011-01-23 17:19:02)

[SOLVED] mount.nfs4: access denied by server

Hi folks. I seem to be having a bit of a problem getting nfs4 to work. I am trying to mount a share from alpha (my fileserver) onto charlie (my workstation). Both of these are new Arch systems and I haven't had any nfs working yet, although I have with other distros on the same hardware.
Fileserver (alpha) config:
# /etc/exports
/files 192.164.1.0/24(rw,sync,fsid=0,no_subtree_check)
# /etc/hosts.allow
sshd: 192.168.1.0/255.255.255.0
nfsd: 192.168.1.0/255.255.255.0
rpcbind: 192.168.1.0/255.255.255.0
mountd: 192.168.1.0/255.255.255.0
idmapd: 192.168.1.0/255.255.255.0
statd: 192.168.1.0/255.255.255.0
[General]
Verbosity = 3
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
Domain = localdomain
[Mapping]
Nobody-User = nobody
Nobody-Group = nobody
[Translation]
Method = nsswitch
# /etc/fstab: static file system information
# <file system> <dir> <type> <options> <dump> <pass>
none /dev/pts devpts defaults 0 0
none /dev/shm tmpfs defaults 0 0
#/dev/cdrom /media/cd auto ro,user,noauto,unhide 0 0
#/dev/dvd /media/dvd auto ro,user,noauto,unhide 0 0
#/dev/fd0 /media/fl auto user,noauto 0 0
/dev/sda1 /boot ext3 defaults 0 1
/dev/sda2 swap swap defaults 0 0
/dev/sda5 / ext3 defaults 0 1
/dev/sda6 /var ext3 defaults 0 1
/dev/sda7 /home ext3 defaults 0 1
/dev/sda8 /files ext3 defaults 0 1
rpc_pipefs /var/lib/nfs/rpc_pipefs rpc_pipefs defaults 0 0
nfsd /proc/fs/nfsd nfsd rw,nodev,noexec,nosuid 0 0
DAEMONS=(syslog-ng network netfs rpcbind nfs-common nfs-server hal @alsa @crond @openntpd @sshd)
[root@alpha ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda5 19228276 879492 17372036 5% /
none 507792 140 507652 1% /dev
none 507792 0 507792 0% /dev/shm
/dev/sda1 93307 15887 72603 18% /boot
/dev/sda6 19228276 372632 17878896 3% /var
/dev/sda7 19228276 176224 18075304 1% /home
/dev/sda8 902688436 204872 856629640 1% /files
[root@alpha ~]#
Workstation (charlie) config:
# /etc/fstab: static file system information
# <file system> <dir> <type> <options> <dump> <pass>
none /dev/pts devpts defaults 0 0
none /dev/shm tmpfs defaults 0 0
#/dev/cdrom /media/cd auto ro,user,noauto,unhide 0 0
#/dev/dvd /media/dvd auto ro,user,noauto,unhide 0 0
#/dev/fd0 /media/fl auto user,noauto 0 0
UUID=437982b2-5c84-4f53-954d-cf43f8b4e707 / ext3 defaults 0 1
UUID=97d79d76-357a-4f4e-8513-f181bff6af62 /boot ext3 defaults 0 1
UUID=d8525095-9b97-4439-932f-8f4e0236cce1 /home ext3 defaults 0 1
UUID=ffba933b-af93-407c-b1b8-69d1cc5be146 swap swap defaults 0 0
rpc_pipefs /var/lib/nfs/rpc_pipefs rpc_pipefs defaults 0 0
alpha:/ /files nfs4 defaults 0 0
[General]
Verbosity = 3
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
Domain = localdomain
[Mapping]
Nobody-User = nobody
Nobody-Group = nobody
[Translation]
Method = nsswitch
DAEMONS=(syslog-ng network crond alsa hal fam rpcbind nfs-common netfs)
[root@charlie ~]# mount -a
mount.nfs4: access denied by server while mounting alpha:/
[root@charlie ~]#
This happens even after both systems are rebooted. Can anyone spot what I am missing?
Thanks for looking.
Last edited by dgregory46 (2009-10-21 01:04:09)

Now I really feel stupid. A little proofreading would have saved me a big headache. In /etc/exports I was exporting to 192.164.1.0/24 while my network is the more standard 192.168.1.0/24.
It works fine now, although I did take phaul's suggestion and added my main share "inside" the nfs4 root.

Error 550 5.7.0 Relay Access Denied in Server 2013 Enterprise

Good evening everyone.
When emails are sent from outside of our domain, to our domain; the following message is returned:
Delivery to the following recipient failed permanently:
email
Technical details of permanent failure
Google tried to deliver your message, but it was rejected by the server for the recipient domain by mail messaging microsoft
The error that the other server returned was:
550 5.7.0 Relay Access Denied
It is affecting all users.
I have scoured the net and tried many solutions. I have disabled both the anti-spam software and Symantec.
I am at a loss. I am willing to try a reconfigure that doesn't require an outside relay or try and fix this issue but the system has been down for the organization for too long.
Any advice is appreciated!
Thank you

Hi ,
1.On the exchange cas server please check the option anonymous users is checked on the receive connectors under permissions groups.
Connector name : Default front end connector
Note : Anonymous users needs to be checked on the above mentioned connector in all the cas servers to accept the anonymous connections coming from internet.
2.However please tell me ,For you exchange organisation where you have pointed your MX records ?
3.Did you done any recent change on the receive connectors ?
4.Please do the inbound email test from EXRCA tool and share me the results .
Thanks & Regards S.Nithyanandham

Access Denied DNS Server 'Windows Server 2008 R2 and Install AD (PDC) and ADD (BDC=Additional AD)

hi
I Have
Windows server 2008 R2 and Install Active Directory
Install and configuration for windows server 2008 PDC (Primary Domain Controller) and BDC (Additionall Domain Controller)
Error
A security Package specific Error Occurrred. would you like to add it anyway
and
Access Denied Console Other Domain AD
and Nslookup
C:\Users\admin>nslookup pdc
Server: bdc.*.*
Address: 10.0.X.X
Name: pdc.*.*
Addresses: 10.0.1.11
10.0.X.X

Hello,
your description is a bit confusing. You get the error message when you try to add the other DC to the DNS management console on one machine?
Both DCs belong to the same domain according to your description?
Please post an unedited ipconfig /all from both DC/DNS servers here.
BTW: PDC/BDC concept is gone since the start from AD with Windows 2000 Server. All DCs are the same, difference are only the FSMO roles, still that can be held from any DC in the domain according to some rules.
Best regards
Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://msmvps.com/blogs/mweber/
Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

Folders and Files access denied from Server 2008 on Windows 7

I upgraded my server from 2003 to 2008. Now my Windows 7 machines can't open files in the Shared Documents on the server. Error comes back with access denied. Can use remote desktop with a Windows 7 machine and have access to the Shared Documents
folder. Any help as to why getting access denied would be great.

Hi,
Plesase check ntfs permisions and share permssions of the shared folder. You could try to set share permissions to Full Control for the Everyone group to see if the issue still exists.
Share and NTFS Permissions on a File Server
http://technet.microsoft.com/en-us/library/cc754178.aspx
Regards,
Mandy
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.

Java.security.AccessControlException: access denied , ordinary server class

import java.rmi.*;
public class Rem extends java.rmi.server.UnicastRemoteObject implements RemInt {
     public static void main(String args[]) {
          System.setSecurityManager(new RMISecurityManager());
          try {
               Rem r = new Rem();
               Naming.rebind("saurabh", r);
          } catch(Exception e) { e.printStackTrace(); }
     public Rem() throws java.rmi.RemoteException {
     public String give() {
          return("u got it from server");
import java.rmi.Remote;
public interface RemInt extends java.rmi.Remote {
     public String give() throws java.rmi.RemoteException;
STACK TRACE
java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.
0.1:1099 connect,resolve)
at java.security.AccessControlContext.checkPermission(AccessControlContext.ja
va:270)
at java.security.AccessController.checkPermission(AccessController.java:401)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1044)
at java.net.Socket.connect(Socket.java:419)
at java.net.Socket.connect(Socket.java:375)
at java.net.Socket.<init>(Socket.java:290)
at java.net.Socket.<init>(Socket.java:118)
at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocke
tFactory.java:22)
at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocke
tFactory.java:122)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:562)
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:185)
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:171)
at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:313)
at sun.rmi.registry.RegistryImpl_Stub.rebind(Unknown Source)
at java.rmi.Naming.rebind(Naming.java:159)
at Rem.main(Rem.java:10)

I also get that exception, but only when I use SSL and the client is launched with Java Web Start.
I have tried to solve the problem by changing the permissions in the policy file but the problem still arises.
If I use default sockets (i.e.: no SSL) the client runs ok.
This is the policy file that the server uses:
grant {
// allows anyone to listen on un-privileged ports
permission java.net.SocketPermission "*:1024-65535", "listen,accept,connect";
permission java.util.PropertyPermission "*", "read";
permission java.io.FilePermission "*", "read,write";
permission java.lang.RuntimePermission "*";

"Network Error - 53" while trying to mount NFS share in Windows Server 2008 client

CentOS | Windows 2008
I've got a CentOS 5.5 server running nfsd. On the Windows side, I'm running Windows Server 2008 R2 Enterprise. I have the "Files Services" server role enabled and both Client for NFS and Server for NFS are on.
I'm able to successfully connect/mount to the CentOS NFS share from other linux systems but am experiencing errors connecting to it from Windows. When I try to connect, I get the following:
C:\Users\fooadmin>mount -o anon 10.10.10.10:/share/ z:
Network Error - 53
Type 'NET HELPMSG 53' for more information.
(IP and share name have been changed to protect the innocent :-) )
Additional information:
I've verified low-level network connectivity between the Windows client and the NFS server with telnet (to the NFS on TCP/2049) so I know the port is open. I've further confirmed that inbound and outbound firewall ports are present and enabled.
I came across a
Microsoft tech note that suggested changing the "Provider Order" so "NFS Network" is above other items like Microsoft Windows Network. I changed this and restarted the NFS client - no luck.
I've confirmed that the share folder on the NFS server is readable/writable by all (777)
I've tried other variations of the mount command like: mount 10.10.10.10:/share/ z: and
mount 10.10.10.10:/share z: and mount -o anon mtype=hard \\10.10.10.10:/share * No luck.
As per the command output, I tried typing NET HELPMSG 53 but that doesn't tell me much. Just "The network path was not found".
I'm lost on how to proceed with troubleshooting. Any ideas?

There are usully two aspect that come to mind:
1. Syntax of mount command
2. Mismatch of NFS versions
Third reason is here
http://blogs.technet.com/b/sfu/archive/2011/11/21/getting-network-error-53-network-path-not-found-quot.aspx
Rgds
Milos

[SOLVED]Can´t mount nfs shares!

Hello,
I am trying to get up a fileserver. I installed an old PC with Arch and configerd it over SSH. I followed the wiki over NFS and NFSv4. But everytime I want to mount a share that is in the physical map /home/jozef/shares/downloads, I get the following error:
mount.nfs4: timeout set for Mon Aug 24 14:36:57 2009
mount.nfs4: text-based options: 'clientaddr=192.168.0.100,addr=192.168.0.111'
mount.nfs4: mount(2): Permission denied mount.nfs4: access denied by server while mounting 192.168.0.111:/shares/downloads
I tried to mount it with the following command:
mount -v -t nfs4 192.168.0.111:/shares/downloads /media/Downloads-Server
Lets call the fileserver fileserver and my workstation Gamepc. Here I will give you some files that I think are needed, from fileserver and Gamepc are there other files you need, I will post them.
/etc/exports on fileserver
# /etc/exports
# List of directories exported to NFS clients. See exports(5).
# Use exportfs -arv to reread.
# Example for NFSv2 and NFSv3:
# /srv/home hostname1(rw,sync) hostname2(ro,sync)
# Example for NFSv4:
# /srv/nfs4 hostname1(rw,sync,fsid=0)
# /srv/nfs4/home hostname1(rw,sync,nohide)
# Using Kerberos and integrity checking:
# /srv/nfs4 gss/krb5i(rw,sync,fsid=0,crossmnt)
# /srv/nfs4/home gss/krb5i(rw,sync,nohide)
/shares 192.168.0.12(rw,fsid=0,no_subtree_check,async,no_root_squash)
/shares/downloads 192.168.0.12(rw,no_subtree_check,async,no_root_squash,nohide)
/etc/hosts.allow on fileserver
# /etc/hosts.allow
sshd: 192.168.0.0/255.255.255.0
#nfsd: 192.168.0.0/255.255.255.255
#portmap: 192.168.0.0/255.255.255.255
#mountd: 192.168.0.0/255.255.255.255
nfsd: ALL
portmap: ALL
mountd: ALL
# End of file
/etc/hosts.deny on fileserver
# /etc/hosts.deny
ALL: ALL: DENY
# End of file
/etc/conf.d/nfs-common on fileserver
STATD_OPTS="--no-notify"
/etc/conf.d/nfs-server on fileserver
STATD_OPTS="--no-notify"
/etc/rc.conf on fileserver
# /etc/rc.conf - Main Configuration for Arch Linux
# LOCALIZATION
# LOCALE: available languages can be listed with the 'locale -a' command
# HARDWARECLOCK: set to "UTC" or "localtime"
# USEDIRECTISA: use direct I/O requests instead of /dev/rtc for hwclock
# TIMEZONE: timezones are found in /usr/share/zoneinfo
# KEYMAP: keymaps are found in /usr/share/kbd/keymaps
# CONSOLEFONT: found in /usr/share/kbd/consolefonts (only needed for non-US)
# CONSOLEMAP: found in /usr/share/kbd/consoletrans
# USECOLOR: use ANSI color sequences in startup messages
LOCALE="en_US.utf8"
HARDWARECLOCK=""
USEDIRECTISA="no"
TIMEZONE=""
KEYMAP="us"
CONSOLEFONT=
CONSOLEMAP=
USECOLOR="yes"
# HARDWARE
# MOD_AUTOLOAD: Allow autoloading of modules at boot and when needed
# MOD_BLACKLIST: Prevent udev from loading these modules
# MODULES: Modules to load at boot-up. Prefix with a ! to blacklist.
# NOTE: Use of 'MOD_BLACKLIST' is deprecated. Please use ! in the MODULES array.
MOD_AUTOLOAD="yes"
#MOD_BLACKLIST=() #deprecated
MODULES=()
# Scan for LVM volume groups at startup, required if you use LVM
USELVM="no"
# NETWORKING
# HOSTNAME: Hostname of machine. Should also be put in /etc/hosts
HOSTNAME="myhost"
# Use 'ifconfig -a' or 'ls /sys/class/net/' to see all available interfaces.
# Interfaces to start at boot-up (in this order)
# Declare each interface then list in INTERFACES
# - prefix an entry in INTERFACES with a ! to disable it
# - no hyphens in your interface names - Bash doesn't like it
# DHCP: Set your interface to "dhcp" (eth0="dhcp")
# Wireless: See network profiles below
#Static IP example
#eth0="dhcp"
eth0="dhcp"
INTERFACES=(eth0)
# Routes to start at boot-up (in this order)
# Declare each route then list in ROUTES
# - prefix an entry in ROUTES with a ! to disable it
gateway="default gw 192.168.0.1"
ROUTES=(!gateway)
# Enable these network profiles at boot-up. These are only useful
# if you happen to need multiple network configurations (ie, laptop users)
# - set to 'menu' to present a menu during boot-up (dialog package required)
# - prefix an entry with a ! to disable it
# Network profiles are found in /etc/network.d
# This now requires the netcfg package
#NETWORKS=(main)
# DAEMONS
# Daemons to start at boot-up (in this order)
# - prefix a daemon with a ! to disable it
# - prefix a daemon with a @ to start it up in the background
DAEMONS=(syslog-ng !network rpcbind nfs-common nfs-server netfs crond !xinetd !samba sshd transmissiond)
/etc/rc.conf on Gamepc
# /etc/rc.conf - Main Configuration for Arch Linux
# LOCALIZATION
# LOCALE: available languages can be listed with the 'locale -a' command
# HARDWARECLOCK: set to "UTC" or "localtime"
# USEDIRECTISA: use direct I/O requests instead of /dev/rtc for hwclock
# TIMEZONE: timezones are found in /usr/share/zoneinfo
# KEYMAP: keymaps are found in /usr/share/kbd/keymaps
# CONSOLEFONT: found in /usr/share/kbd/consolefonts (only needed for non-US)
# CONSOLEMAP: found in /usr/share/kbd/consoletrans
# USECOLOR: use ANSI color sequences in startup messages
LOCALE="en_US.utf8"
HARDWARECLOCK="localtime"
USEDIRECTISA="no"
TIMEZONE="Europe/Amsterdam"
KEYMAP="us"
CONSOLEFONT=
CONSOLEMAP=
USECOLOR="yes"
# HARDWARE
# MOD_AUTOLOAD: Allow autoloading of modules at boot and when needed
# MOD_BLACKLIST: Prevent udev from loading these modules
# MODULES: Modules to load at boot-up. Prefix with a ! to blacklist.
# NOTE: Use of 'MOD_BLACKLIST' is deprecated. Please use ! in the MODULES array.
MOD_AUTOLOAD="yes"
#MOD_BLACKLIST=() #deprecated
MODULES=()
# Scan for LVM volume groups at startup, required if you use LVM
USELVM="no"
# NETWORKING
# HOSTNAME: Hostname of machine. Should also be put in /etc/hosts
HOSTNAME="GAMEPC"
# Use 'ifconfig -a' or 'ls /sys/class/net/' to see all available interfaces.
# Interfaces to start at boot-up (in this order)
# Declare each interface then list in INTERFACES
# - prefix an entry in INTERFACES with a ! to disable it
# - no hyphens in your interface names - Bash doesn't like it
# DHCP: Set your interface to "dhcp" (eth0="dhcp")
# Wireless: See network profiles below
#Static IP example
#eth0="dhcp"
eth0="dhcp"
INTERFACES=(eth0)
# Routes to start at boot-up (in this order)
# Declare each route then list in ROUTES
# - prefix an entry in ROUTES with a ! to disable it
gateway="default gw 192.168.0.1"
ROUTES=(!gateway)
# Enable these network profiles at boot-up. These are only useful
# if you happen to need multiple network configurations (ie, laptop users)
# - set to 'menu' to present a menu during boot-up (dialog package required)
# - prefix an entry with a ! to disable it
# Network profiles are found in /etc/network.d
# This now requires the netcfg package
#NETWORKS=(main)
# DAEMONS
# Daemons to start at boot-up (in this order)
# - prefix a daemon with a ! to disable it
# - prefix a daemon with a @ to start it up in the background
DAEMONS=(syslog-ng !network rpcbind nfs-common @netfs crond @hal @fam @samba @alsa @cups)
/etc/hosts.allow on Gamepc
# /etc/hosts.allow
sshd:ALL
# End of file
/etc/hosts.deny on Gamepc
# /etc/hosts.deny
ALL: ALL: DENY
# End of file
If someone could help me, I would be pleased.
With kind regards,
Jozef00
Last edited by jozef00 (2009-09-01 15:28:07)

Are you sure that the nfs module is loaded? Do
lsmod | grep nfs
to check. If "nfs" doesn't appear then that's your problem. Do:
sudo modprobe nfs
and continue.
EDIT: Also, I'll assume both your server and your client machine are connected to the network. You have the network DAEMON "!"-disabled in each machine's /etc/rc.conf. So I'm assuming you're connecting them to the network in some other way, and have verified that you can, for example, ssh from one machine to the other.
Third, you're sure that /share exists on your server machine, that a (presumably empty) directory /share/downloads exists inside it, that another folder is mounted on top of that empty directory? When you type "mount" on the server machine there should be a line containing "on /share/downloads".
Fourth, if your client's ip address is 192.168.0.100 (this will be displayed when you do "ifconfig") then the /etc/exports on your server has been changed to read:
/shares 192.168.0.100(rw,fsid=0,no_subtree_check,async,no_root_squash)
/shares/downloads 192.168.0.100(rw,no_subtree_check,async,no_root_squash,nohide)
Then you either typed "exportfs -rf" on the server, or stopped and restarted nfs-server. (I'd stop nfs-server, nfs-common, and rpcbind, then start them up again in reverse order, to be sure.)
STATD_OPTS has no effect in /etc/conf.d/nfs-server. Also, you don't need to use statd if you're using nfs4. So you could change /etc/conf.d/nfs-common to read:
NEED_STATD=no
NEED_IDMAPD=yes
and /etc/conf.d/server and can be blank.
(Then restart everything, as described above.)
If you're using the latest arch packages then portmap has been replaced by rpcbind (which you do have in your DAEMONS line on the server). So you need to change the "portmap:" line in your server's /etc/hosts.allow to "rpcbind:". I also have a "lockd:" line in my /etc/hosts.allow, in addition to what you have. It's probably not the source of your present troubles, and I'm not sure it's necessary. But you could try adding it.
Finally, did you add/change a "Domain = ..." line in the /etc/idmapd.conf on your server, and a corrsponding line in the /etc/idmapd.conf on your client?
Last edited by Profjim (2009-08-25 12:51:48)

Error mounting NFS share - mount.nfs: Operation not permitted

I've got an NFS share on a FreeBSD server which I mount via fstab.
It mounts automatically at boot and everything is fine.
However, if I unmount it and try to mount it again I get:
mount.nfs: Operation not permitted
I have tried vers=3 and nfsvers=3 in fstab, but to no avail.
rpcbind is allowed in /etc/hosts.allow.
Does anyone have any ideas?
fstab entry:
server:/path/to/files /mnt/files nfs ro,hard,intr,nfsvers=3 0 0

Tagging along, I have the same problem, although I have a different setup:
- Server = Arch linux
- Client1 = Debian Testing linux
- Client2 = Arch linux
On client1, I'm unable to mount all NFS-shares. 2 out of 3 mount ok and the third fails with this error (both through fstab and manually):
# mount -a
mount.nfs4: access denied by server while mounting (null)
On Client2 I'm able to connect automatically and manually to all shares.
Maybe it is Debian-related, but the debian user forums have not been of much help...
THX for any input!
Last edited by zenlord (2010-03-04 12:07:04)

Unix drive mounting and accessing with Receiver File(NFS) Adapter

Hi gurus,
Is it possible to access a mounted directory between a storage(unix) server and PI server, by using the File Adapter in NFS mode to write files to it?
Regards,
Gökhan

Hi,
>>Is it possible to access a mounted directory between a storage(unix) server and PI
why not?
in case your PI is on windows and storage on unix you just need
to have samba installed on your unix machine and you can access
unix with //server/folder/ from PI
Regards,
Michal Krawczyk

User mount NFS via PCManFM asks for authentication

I finally got around to updating my system last night, and I ran in to the bind mount issue with pacman but that's solved now.
Today I was trying to access an NFS share in the usual way, they're defined in fstab but don't activate until I click on them in PCManFM file manager.
nas1:/c/media /media/nas1/media nfs noauto,user,_netdev,bg 0 0
Previously there would be a bit of a delay after the first time I opened the share while the connection was made and then everything worked fine. But today I got a dialog box that said:
Authentication is required to manage system services or units.
And then I'm expected to enter root's password.
systemctl shows me that rpc-statd is not running, and journalctl shows me why:
Opening /var/run/rpc.statd.pid failed: Permission denied
/var/run is:
lrwxrwxrwx 1 root root 6 Feb 15 16:57 run -> ../run
and /run is:
drwxr-xr-x 23 root root 560 Mar 4 23:16 run
So I'm guessing that my user can't start rpc-statd because normal users don't have permission to write to the /run directory so the PID file can't be created.
Any idea what the actual problem is? And what the solution is? Thanks,

Did some more probing and googling of error messages, found the following thread [SOLVED]rpc.statd Failed to create RPC listeners,exiting.
So I manually started rpcbind.service (as opposed to rpcbind.target) and then I was able to start rpc-statd.service and connect to the NFS shares on my NAS via PCManFM.
Is this a bug in something? I'm still looking around to try and figure out what should be starting rpcbind.service and where. Is it perhaps PCManFM that's not working properly or is this something I need to ensure is in my environment for PCManFM to be able to mount NFS shares on demand?
Thanks,

Failed to start hibernate.target: Access denied

I upgraded my machine yesterday and the Hibernate item in kmenu->Leave are missing. also "systemctl hibernate" dont work:
$ systemctl hibernate
Failed to execute operation: Sleep verb not supported
Failed to start hibernate.target: Access denied
log:
Mar 08 22:50:56 arch polkitd[720]: Registered Authentication Agent for unix-process:2370:106040 (system bus name :1.86 [/usr/bin/pkttyagent --notify-fd 5 --fallback], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
Mar 08 22:50:56 arch dbus[363]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.87" (uid=1000 pid=2370 comm="systemctl hibernate -i ") interface="org.freedesktop.systemd1.Manager" member="StartUnit" error name="(unset)" requested_reply="0" destination="org.freedesktop.systemd1" (uid=0 pid=1 comm="/sbin/init ")
Mar 08 22:50:56 arch polkitd[720]: Unregistered Authentication Agent for unix-process:2370:106040 (system bus name :1.86, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
Suspend works fine.
Last edited by ReiserFS (2014-03-09 12:35:46)

I've got this same problem. For me it's because I haven't got a swap partition (even though I thought I set this machine up with one...). Perhaps you also don't have a swap partition, or maybe it's not mounted? Anyway, I would start with the Swap page of the wiki.

Error...java.sql.SQLException:Access denied for user

Hi,
I am getting the following error message while connecting with the MySQL .(O/S :Sun OS 5.6)
Error.....java.sql.SQLException: Invalid authorization specification: Access denied for user: 'some_user&password@localhost' (Using password: NO)
Note that i have given all permission to the user using,
GRANT ALL PRIVILEGES .......................
The code i have used to connect with the database is,
import java.io.*;
import java.sql.*;
class test
public static void main(String a[])
try
Connection con;
Statement stmt;
ResultSet rs;
Class.forName("org.gjt.mm.mysql.Driver");
con=DriverManager.getConnection(jdbc:mysql://localhost/db_name?user=some_user&password=some_pass");
stmt=con.createStatement();
//do something with resultset
catch(Exception e)
System.out.println("Exception in second try.."+e);
plese guide me on this problem to solve.
Thankz,
Bala.

Hi friends...
I've read the last post...
The problem that I have is as follow....
1. I have installed on my machine MySQL 5.0 Server running
1.1 I have a database called "base1"
1.2 User "root", password "works"
1.3 I have the following sentence to connect it using JDBC
Connection con = DriverManager.getConnection("jdbc:mysql://localhost/base1", "root", "works");
More notes:
- I use the JDBC 5.0
- My Machine is a Windows XP SP2 Pentium 3.0 512Mb
and it connects��
but I have this environment to develop applications, now that I want to connect to Production Environment happens the following:
2 The Production database is mounted on a Linux Server with MySQL 3.2.
2.1 I change the sentences as follow:
Connection con = DriverManager.getConnection("jdbc:mysql://192.168.0.7/base1", "user", "password");
2.3 But a message appears when I run the Java Program:
java.sql.SQLException:Access denied for user: '[email protected]' (Using password: YES)
2.4 As you can see it changes the IP Address...
More notes:- I have the MySQL Query Browser and I got connection.
- The IP that display the Error Message is my Second IP configurated on my Network Properties.
- Server is a Pentium 4 3.0 GHz 2Gb Linux Red Hat 3.0
I leave this case for the spider... I hope that somebady has the solution.
What is the problem? Why the JDBC doesn't respect the IP that I wrote.

EFS Encrypted Files over home workgroup network via WebDAV avoiding Active Directory fixing Access Denied errors

This is for information to help others
KEYWORDS:
- Sharing EFS encrypted files over a personal lan wlan wifi ap network
- Access denied on create new file / new fold on encrypted EFS network file share remote mapped folder
- transfer encryption keys / certificates
- set trusted delegation for user + computer for EFS encrypted files via
Kerberos
- Windows Active Directory vs network file share
- Setting up WinDAV server on Windows 7 Pro / Ultimate
It has been a long painful road to discover this information.
I hope sharing it helps you.
Using EFS on Windows 7 pro / ultimate is easy and works great. See
here and
here
So too is opening + editing encrypted files over a peer-to-peer Windows 7 network.
HOWEVER, creating a new file / new folder over a peer-to-peer Windows 7 network
won't work (unless you follow below steps).
Typically, it is only discovered as an issue when a home user wants to use synchronisation software between their home computers which happens to have a few folders encrypted using windows EFS. I had this issue trying to use GoodSync.
Typically an "Access Denied" error messages is thrown when a \\clientpc tries to create new folder / new file in an encrypted folder on a remote file share \\fileserver.
Why such a EFS drama when a network is involved?
Assume a home peer-to-peer network with 2pc: \\fileserver and \\clientpc
When a \\clientpc tries to create a new file or new folder on a \\fileserver (remote computer) it fails. In a terribly simplified explanation it is because the process on \\fileserver that is answering the network requests is a process working for a user on
another machine (\\clientpc) and that \\fileserver process doesn't have access to an encryption certificate (as it isn't a user). Active Directory gets around this by using kerberos so the process can impersonate a \\fileserver user and then use their certificate
(on behalf of the clienpc's data request).
This behaviour is confusing, as a \\clientpc can open or edit an existing efs encrypted file or folder, just can't create a new file or folder. The reason editing + opening an encrypted file over a network file share is possible is because the encrypted
file / folder already has an encryption certificate, so it is clear which certificate is required to open/edit the file. Creating a new file/folder requires a certificate to be assigned and a process doesn't have a profile or certificates assigned.
Solutions
There are two main approaches to solve this:
     1) SOLVE by setting up an Active Directory (efs files accessed through file shares)
          EFS operations occur on the computer storing the files.
          EFS files are decrypted then transmitted in plaintext to the client's computer
          This makes use of kerberos to impersonate a local user (and use their certificate for encrypt + decrypt)
     2) SOLVE by setting up WebDAV (efs files accessed through web folders)
           EFS operations occur on the client's local computer
           EFS files remain encrypted during transmission to the client's local computer where it is decrypted
           This avoids active directory domains, roaming or remote user profiles and having to be trusted for delegation.
           BUT it is a pain to set up, and most online WebDAV server setup sources are not for home peer-to-peer networks or contain details on how to setup WebDAV for EFS file provision
         READ BELOW as this does
Create new encrypted file / folder on a network file share - via Active Directory
It is easily possible to sort this out on a domain based (corporate) active directory network. It is well documented. See
here. However, the problem is on a normal Windows 7 install (ie home peer-to-peer) to set up the server as part of an active directory domain is complicated, it is time consuming it is bulky, adds burden to operation of \\fileserver computer
and adds network complexity, and is generally a pain for a home user. Don't. Use a WebDAV.
Although this info is NOT for setting up EFS on an active directory domain [server],
for those interested here is the gist:
Use the Active Directory Users and Computers snap-in to configure delegation options for both users and computers. To trust a computer for delegation, open the computer’s Properties sheet and select Trusted for delegation. To allow a user
account to be delegated, open the user’s Properties sheet. On the Account tab, under Account Options, clear the The account is sensitive and cannot be delegated check box. Do not select The account is trusted for delegation. This property is not used with
EFS.
NB: decrypted data is transmitted over the network in plaintext so reduce risk by enabling IP Security to use Encapsulating Security Payload (ESP)—which will encrypt transmitted data,
Create new encrypted file / folder on a network file share - via WebDAV
For home users it is possible to make it all work.
Even better, the functionality is built into windows (pro + ultimate) so you don't need any external software and it doesn't cost anything. However, there are a few hotfixes you have to apply to make it work (see below).
Setting up a wifi AP (for those less technical):
   a) START ... CMD
   b) type (no quotes): "netsh wlan set hostednetwork mode=allow ssid=MyPersonalWifi key=12345 keyUsage=persistent"
   c) type (no quotes): "netsh wlan start hostednetwork"
Set up a WebDAV server on Windows 7 Pro / Ultimate
-----ON THE FILESERVER------
   1 click START and type "Turn Windows Features On or Off" and open the link
       a) scroll down to "Internet Information Services" and expand it.
       b) put a tick in: "Web Management Tools" \ "IIS Management Console"
       c) put a tick in: "World Wide Web Services" \ "Common HTTP Features" \ "WebDAV Publishing"
       d) put a tick in: "World Wide Web Services" \ "Security" \ "Basic Authentication"
       e) put a tick in: "World Wide Web Services" \ "Security" \ "Windows Authentication"
       f) click ok
       g) run HOTFIX - ONLY if NOT running Windows 7 / windows 8
KB892211 here ONLY for XP + Server 2003 (made in 2005)
KB907306 here ONLY for Vista, XP, Server 2008, Server 2003 (made in 2007)
2 Click START and type "Internet Information Services (IIS) Manager"
3 in IIS, on the left under "connections" click your computer, then click "WebDAV Authoring Rules", then click "Open Feature"
       a) on the right side, under Actions, click "Enable WebDAV"
4 in IIS, on the left under "connections" click your computer, then click "Authentication", then click "Open Feature"
       a) on the "Anonymous Authentication" and click "Disable"
       b) on the "Windows Authentication" and click "Enable"
      NB: Some Win 7 will not connect to a webDAV user using Basic Authentication.
        It can be by changing registry key:
           [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WebClient\Parameters]
           BasicAuthLevel=2
       c) on the "Windows Authentication" click "Advanced Settings"
           set Extended Protection to "Required"
       NB: Extended protection enhances the windows authentication with 2 security mechanisms to reduce "man in the middle" attacks
5 in IIS, on the left under "connections" click your computer, then click "Authorization Rules", then click "Open Feature"
       a) on the right side, under Actions, click "Add Allow Rule"
       b) set this to "all users". This will control who can view the "Default Site" through a web browser
       NB: It is possible to specify a group (eg Administrators is popular) or a user account. However, if not set to "all users" this will require the specified group/user account to be used for logged in with on the
clientpc.
       NB: Any user account specified here has to exist on the server. It has a bug in that it usernames specified here are not validated on input.
6 in IIS, on the left under "connections" click your computer, then click "Directory Browsing", then click "Open Feature"
       a) on the right side, under Actions, click "Enable"
HOTFIX - double escaping
7 in IIS, on the left under "connections" click your computer, then click "Request Filtering", then click "Open Feature"
       a) on the right side, under Actions, click "Edit Feature Settings"
       b) tick the box "Allow double escaping"
     *THIS IS VERY IMPORTANT* if your filenames or foldernames contain characters like "+" or "&"
     These folders will appears blank with no subdirectories, or these files will not be readable unless this is ticked
     This is safe btw. Unchecked (default) it filters out requests that might possibly be misinterpreted by buggy code (eg double decode or build url's via string-concat without proper encoding). But any bug would need to be in IIS basic
file serving and this has been rigorously tested by microsoft, so very unlikely. Its safe to "Allow double escaping".
8 in IIS, on the left under "connections" right click "Default Web Site", then click "Add Virtual Directory"
       a) set the Alias to something sensible eg "D_Drive", set the physical path
       b) it is essential you click "connect as" and set
this to a local user (on fileserver),
       if left as "pass through authentication" a client won't be able to create a new file or folder in an encrypted efs folder (on fileserver)
             NB: the user account selected here must have the required EFS certificates installed.
                        See
here and
here
        NB: Sharing the root of a drive as an active directory (eg D:\ as "D_Drive") often can't be opened on clientpcs.
      This is due to windows setting all drive roots as hidden "administrative shares". Grrr.
       The work around is on the \\fileserver create an NTFS symbollic link
          e.g. to share the entire contents of "D:\",
                on fileserver browse to site path (iis default this to c:\inetpub\wwwroot)
                in cmd in this folder create an NTFS symbolic link to "D:\"
                so in cmd type "cd c:\inetpub\wwwroot"
                then in cmd type "mklink /D D_Drive D:\"
        NB: WebDAV will open this using a \\fileserver local user account, so double check local NTFS permissions for the local account (clients will login using)
         NB: If clientpc can see files but gets error on opening them, on clientpc click START, type "Manage Network Passwords", delete any "windows credentials" for the fileserver being used, restart
clientpc
9 in IIS, on the left under "connections" click on "WebDAV Authoring Rules", then click "Open Feature"
       a) click "Add authoring rules". Control access to this folder by selecting "all users" or "specified groups" or "specified users", then control whether they can read/write/source
       b) if some exist review existing allow or deny.
           Take care to not only review the "allow access to" settings
           but also review "permissions" (read/write/source)
       NB: this can be set here for all added virtual directories, or can be set under each virtual directory
10 Open your firewall software and/or your router. Make an exception for port 80 and 443
       a) In Windows Firewall with Advanced Security click Inbound Rules, click New Rule
             choose Port, enter "80, 443" (no speech marks), follow through to completion. Repeat for outbound.
          NB: take care over your choice to untick "Public", this can cause issues if no gateway is specified on the network (ie computer-to-computer with no router). See "Other problems+fixes"
below, specifically "Cant find server due to network location"
       b) Repeat firewall exceptions on each client computer you expect to access the webDAV web folders on
HOTFIX - MAJOR ISSUE - fix KB959439
11 To fully understand this read "WebDAV HOTFIX: RAW DATA TRANSFERS" below
      a) On Windows 7 you need only change one tiny registry value:
           - click START, type "regedit", open link
           -browse to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MRxDAV\Parameters]
           -on the EDIT menu click NEW, then click DWORD Value
           -Type "DisableEFSOnWebDav" to name it (no speech marks)
           -on the EDIT menu, click MODIFY, type 1, then click OK
           -You MUST now restart this computer for the registry change to take effect.
      b) On Windows Server 2008 / Vista / XP you'll FIRST need to
download Windows6.0-KB959439 here. Then do the above step.
         NB microsoft will ask for your email. They don't care about licence key legality, it is more to keep you updated if they modify that hotfix
12 To test on local machine (eg \\fileserver) and deliberately bypass the firewall.
      a) make sure WebClient Service is running
            (click START, type "services" and open, scroll down to WebClient and check its status)
      b) Open your internet software. Go to address "http://localhost:80" or "http://localhost:80"
            It should show the default "IIS7" image.
            If not, as firewall and port blocking are bypassed (using localhost) it must be a webDAV server setting. Check "Authorization Rules" are set to "Allow All Users"
      c) for one of the "virtual directories" you added (8), add its "alias" onto "http://localhost/"
                e.g. http://localhost/D_drive
            If nothing is listed, check "Directory Browsing" is enabled
13 To test on local machine or a networked client and deliberately try and access through the firewall or port opening of your router.
      a) make sure WebClient Service is running
            (click START, type "services" and open, scroll down to WebClient and check its status)
      b) open your internet software. Go to address "http://<computer>:80" or "http://<computer>:80".
              eg if your server's computer name is "fileserver" go to "http://fileserver:80"
              It should show the default "IIS7" image. If not, check firewall and port blocking.
              Any issue ie if (12) works but (13) doesn't, will indicate a possible firewall issue or router port blocking issue.
     c) for one of the "virtual directories" you added (8), add its "alias" onto "http://<computername>:80/"
               eg if alias is "C_driver" and your server's computer name is "fileserver" go to "http://fileserver:80/C_drive"
               A directory listing of files should appear.
--- ON EACH CLIENT ----
HOTFIX - improve upload + download speeds
14 Click START and type "Internet Options" and open the link
      a) click the "Connections" tab at the top
      b) click the "LAN Settings" button at the bottom right
      c) untick "Automatically detect settings"
HOTFIX - remove 50mb file limit
15 On Windows 7 you need only change one tiny registry value:
      a) click START, type "regedit", open link
    b) browse to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WebClient\Parameters]
       c) click on "FileSizeLimitInBytes"
       d) on the EDIT menu, click MODIFY, type "ffffffff", then click OK (no quotes)
HOTFIX - remove prompt for user+pass on opening an office or pdf document via WebDAV
16 On each clientpc click START, type "Internet Options" and open it
         a) click on "Security" (top) and then "Custom level" (bottom)
         b) scroll right to the bottom and under "User Authentication" select "Automatic logon with current username and password"
         SUCH an easy fix. SUCH an annoying problem on a clientpc
   NB: this is only an issue if the file is opened through windows explorer. If opened through the "open" dialogue of the software itself, it doesn't happen. This is as a WebDAV mapped drive is consdered a "web folder" by windows
explorer.
TEST SETUP
17 On the client use the normal "map network drive"
            e.g. server= "http://fileserver:80/C_drive", tick reconnect at logon
            e.g. CMD: net use * "http://fileserver:80/C_drive"
         If it doens't work check "WebDAV Authoring Rules" and check NTFS permissions for these folders. Check that on the filserver the elected impersonation user that the client is logging in with (clientpc
"manage network passwords") has NTFS permissions.
18 Test that EFS is now working over the network
       a) On a clientpc, map network drive to http://fileserver/
       b) navigate to a folder you know on the \\flieserver is encrypted with EFS
       c) create a new folder, create a new file.
           IF it throws an error, check carefully you mapped to the WebDAV and not file share
              i.e. mapped to "http://fileserver" not "\\fileserver"
           Check that on clientpc the required efs certificate is installed. Then check carefully on clientpc what user account you specified during the map drive process. Then check on the \\fileserver this
account exists and has the required EFS certificate installed for use. If necessary, on clientpc click START, type "Manage Network Passwords" and delete the windows credentials currently in the vault.
       d) on clientpc (through a webDAV mapped folder) open an encrypted file, edit it, save it, close it. On the \\fileserver now check that file is readable and not gobble-de-goup
       e) on clientpc copy an encrypted efs file into a folder (a webDAV mapped folder) you know is not encrypted on \\fileserver. Now check on the \\fileserver computer that the file is readable and not gobble-de-goup (ie the
clientpc decrypted it then copied it).
        If this fails, it is likely one in IIS setting on fileserver one of the shared virtual directories is set to: "pass through authentication" when it should be set to "connect as"
        If this is not readable check step (11) and that you restarted the \\fileserver computer.
19 Test that clients don't get the VERY annoying prompt when opening an Office or PDF doc
      a) on clientpc in windows explorer browse to a mapped folder you know is encrypted and open an office file and then PDF.
            If a prompt for user+pass then check hotfix (16)
20 Consider setting up a recycling bin for this mapped drive, so files are sent to recycling bin not permanently deleted
      a) see the last comment at the very bottom of
this page:
Points to consider:
   - NB: WebDAV runs on \\fileserver under a local user account, so double check local NTFS permissions for that local account and adjust file permissions accordingly. If the local account doesn't have permission, the webDAV / web folder share won't
either.
- CONSIDER: IP Security (IPSec) or Secure Sockets Layer (SSL) to protect files during transport.
MORE INFO: HOTFIX: RAW DATA TRANSFERS
More info on step (11) above.
Because files remain encrypted during the file transfer and are decrypted by EFS locally, both uploads to and downloads from Web folders are raw data transfers. This is an advantage as if data is intercepted it is useless. This is a massive disadvantage as
it can cause unexpected results. IT MUST BE FIXED or you could be in deep deep water!
Consider using \\clientpc to access a webfolder on \\fileserver and copying an encrypted EFS file (over the network) to a web folder on \\fileserver that is not encrypted.
Doing this locally would automatically decrypt the file first then copy the decrypted file to the non-encrypted folder.
Doing this over the network to a web folder will copy the raw data, ie skip the decryption stage and result in the encrypted EFS file being raw copied to the non-encrypted folder. When viewed locally this file will not be recognised as encrypted (no encryption
file flag, not green in windows explorer) but it will be un-readable as its contents are still encrypted. It is now not possible to locally read this file. It can only be viewed on the \\clientpc
There is a fix:
      It is implimented above, see (11) above
      Microsoft's support page on this is excellent and short. Read "problem description" of "this microsoft webpage"
Other problems + fixes
PROBLEM: Can't find server due to network location.
     This one took me a long time to track down to "network location".
     Win 7 uses network locations "Home" / "Work" / "Public".
     If no gateway is specified in the IP address, the network is set to '"unidentified" and so receives "Public" settings.
     This is a disaster for remote file share access as typically "network discovery" and "file sharing" are disabled under "Public"
     FIX = either set IP address manually and specify a gateway
     FIX = or force "unidentified" network locations to assume "home" or "work" settings -
read here or
here
     FIX = or change the "Public" "advanced network settings" to turn on "network discovery" and "file sharing" and "Password Protected Sharing". This is safe as it will require a windows
login to gain file access.
PROBLEM: Deleting files on network drive permanently deletes them, there is no recycling bin
       By changing the location of "My Contacts" or similar to the root directory of your mapped drive, it will be added to recycling bin locations
      Read
here (i've posted a batch script to automatically make the required reg files)
I really hope this helps people. I hope the keywords + long title give it the best chance of being picked up in web searches.

What probably happens is that processes are using those mounts. And that those processes are not killed before the mounts are unmounted. Is there anything that uses those mounts?

OEL 6.3 - mount.nfs: access denied by server

Similar Messages

Maybe you are looking for