Windows NFSv4.1 server won't map Auxiliary groups for AD users logged into Red Hat Linux


I need help getting auxiliary groups mapped on a Linux NFS client from a Windows NFSv4.1 server.

We have an IdM with AD trust in a mixed network environment. Our RHEL clients are joined to the IdM realm and Windows desktops/workstations are joined to the AD domain. The IdM and AD realm/domain are different, as the IdM guide suggests. At this stage, we are successfully able to map IdM users to AD users and their respective primary groups. Now, the idea is to have the same user access the same files via Linux or Windows workstations. It could be either its home directory/folder and/or any shared folder/directory that is/are accessible w/r by the user's secondary group/s, but I can't get the secondary groups mapped over NFS.

By analyzing the network packets with Wireshark, I see that the RPC sends UID, GUID and GIDs of auxiliary groups, and in return the Windows NFSv4.1 server sends out the owner of the share and owner group but not the other groups that have access to the share.
I tried mapping IdM/POSIX groups to External groups but it still doesn't work. If I change the ownership of the share to the authenticated user on the Windows NFSv4.1 server, then it works fine. But we don't want that; we want members of a group to have access to a shared folder that the group has w/r permission.

Any help is appreciated.

Thanks,
