Hi,
I have lately tried to get autofs working, with a bit of trouble. I
have the following setup:
ipa-autofs:
  default
    - auto.master
      - <mount point at client> auto.home
    - auto.home
      -* <path on server>/&
nfs-server:
  <path to share> gss/krb5i(rw,sync,no_subtree_check,no_root_squash)
ipa:
  service nfs/<server fqdn>
  service nfs/<client fqdn>
  and copied to server/client
All services are running, and if I (as root) run:
  ls /<mountpoint of homes>/<user home folder>
it should mount, but instead I get:
SSSD:
Sep 04 09:25:11 <host> krb5_child[41263]: Preauthentication failed
AUTOFS:
>> mount.nfs: access denied by server while mounting <path>
In /var/log/sssd/krb5_child.log I get this:

* (2022-09-04 9:25:23): [krb5_child[41266]] [become_user] (0x0200): [RID#28] Trying to become user [925800000][925800000].

This is the admin user at IPA, not the user whose home folder we tried to 'ls'.

* (2022-09-04 9:25:23): [krb5_child[41266]] [main] (0x2000): [RID#28] Running as [925800000][925800000].
* (2022-09-04 9:25:23): [krb5_child[41266]] [set_lifetime_options] (0x0100): [RID#28] No specific renewable lifetime requested.
* (2022-09-04 9:25:23): [krb5_child[41266]] [set_lifetime_options] (0x0100): [RID#28] No specific lifetime requested.
* (2022-09-04 9:25:23): [krb5_child[41266]] [set_canonicalize_option] (0x0100): [RID#28] Canonicalization is set to [true]
* (2022-09-04 9:25:23): [krb5_child[41266]] [main] (0x0400): [RID#28] Will perform auth
* (2022-09-04 9:25:23): [krb5_child[41266]] [main] (0x0400): [RID#28] Will perform online auth
* (2022-09-04 9:25:23): [krb5_child[41266]] [tgt_req_child] (0x1000): [RID#28] Attempting to get a TGT
* (2022-09-04 9:25:23): [krb5_child[41266]] [get_and_save_tgt] (0x0400): [RID#28] Attempting kinit for realm [<REALM>]
* (2022-09-04 9:25:23): [krb5_child[41266]] [sss_krb5_responder] (0x4000): [RID#28] Got question [password].

It is asking for the admin password for the Kerberos 5 ticket and fails.

* (2022-09-04 9:25:23): [krb5_child[41266]] [get_and_save_tgt] (0x0020): [RID#28] 1725: [-1765328360][Preauthentication failed]

How would one go about this?
--
Me worry? That's why my first CD was Peter Gabriel SO....
Sami Hulkko
sahulkko(a)gmail.com
sahulkko(a)icloud.com
samihulkko(a)quantum-black-hole.com
+358 45 85693 919
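
An added example, not part of the original message: a small Python parser that groups krb5_child.log lines like those quoted above by request id (RID) and reports which UID the attempt ran as, what was prompted for, and the Kerberos error returned. The sample lines are reconstructed from the post with the mail wrapping removed; the realm EXAMPLE.TEST is a placeholder for the redacted <REALM>, and the function name `summarize` is hypothetical.

```python
import re
from collections import defaultdict

# SSSD debug line: (timestamp): [process[pid]] [function] (level): [RID#n] message
LINE = re.compile(
    r"\((?P<ts>[^)]+)\): \[(?P<proc>\w+)\[(?P<pid>\d+)\]\] "
    r"\[(?P<func>\w+)\] \((?P<level>0x[0-9a-fA-F]+)\): "
    r"\[RID#(?P<rid>\d+)\] (?P<msg>.*)"
)
BECOME = re.compile(r"Trying to become user \[(\d+)\]\[(\d+)\]")
REALM = re.compile(r"Attempting kinit for realm \[([^\]]+)\]")
QUESTION = re.compile(r"Got question \[([^\]]+)\]")
KRB_ERR = re.compile(r"\d+: \[(-?\d+)\]\[([^\]]+)\]")

# Constructed sample: lines from the post, unwrapped, realm replaced by a placeholder.
SAMPLE = """\
* (2022-09-04 9:25:23): [krb5_child[41266]] [become_user] (0x0200): [RID#28] Trying to become user [925800000][925800000].
* (2022-09-04 9:25:23): [krb5_child[41266]] [get_and_save_tgt] (0x0400): [RID#28] Attempting kinit for realm [EXAMPLE.TEST]
* (2022-09-04 9:25:23): [krb5_child[41266]] [sss_krb5_responder] (0x4000): [RID#28] Got question [password].
* (2022-09-04 9:25:23): [krb5_child[41266]] [get_and_save_tgt] (0x0020): [RID#28] 1725: [-1765328360][Preauthentication failed]
"""

def summarize(text):
    """Group krb5_child debug lines by request id and extract the auth outcome."""
    out = defaultdict(lambda: {"uid": None, "realm": None, "prompts": [], "error": None})
    for raw in text.splitlines():
        m = LINE.search(raw)
        if not m:
            continue  # wrapped fragments and free-text comments are skipped
        req, msg = out[int(m["rid"])], m["msg"]
        if (b := BECOME.search(msg)):
            req["uid"] = int(b[1])          # identity the child process switched to
        elif (r := REALM.search(msg)):
            req["realm"] = r[1]
        elif (q := QUESTION.search(msg)):
            req["prompts"].append(q[1])     # what the KDC exchange asked for
        # Low-valued levels, such as the 0x0020 on the failing line, mark failures.
        elif int(m["level"], 16) <= 0x0040 and (e := KRB_ERR.search(msg)):
            req["error"] = (int(e[1]), e[2])
    return dict(out)

if __name__ == "__main__":
    for rid, info in summarize(SAMPLE).items():
        print(f"RID#{rid}: uid={info['uid']} realm={info['realm']} "
              f"prompts={info['prompts']} error={info['error']}")
```

Lines that do not match the full SSSD debug format are ignored, so a log pasted from mail should be unwrapped first.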