[Freeipa-users] Kerberos authentication setup

[Boris Epstein]

On Fri, Nov 11, 2011 at 4:18 PM, Dmitri Pal <dpal at redhat.com> wrote:
>
> On 11/11/2011 03:52 PM, Boris Epstein wrote:
>
> Hello all,
> I've got my FreeIPA seemingly running on a Fedora 16 machine but I can not log into it from a browser as I get the "Your kerberos ticket is no longer valid." message. So the question is: is there a good guide on how to set up the Kerberos components involved?
>
> Do you use browser from the same machine as you server or different?
> Is it a Linux machine?
> What is the browser you are using?
>
> The procedure is (on server):
> 1) Install server
> 2) kinit admin (or other user you want to use that you added)
> 3) start browser
> 4) follow the prompts reading carefully - accept certs and let the browser configuration script run
> 5) Enjoy the UI
>
> On non server:
> 1) Install client
> 2) kinit admin (or other user you want to use that you added)
> 3) start browser on that machine
> 4) follow the prompts reading carefully - accept certs and let the browser configuration script run
> 5) Enjoy the UI
>
> If you are trying to access it from a machine that is not a member of the domain you have to go to IPA and allow basic auth but we do not recommend it as it is insecure.
>
>
>
>
> Thanks.
> Boris.
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
> --
> Thank you,
> Dmitri Pal
>
> Sr. Engineering Manager IPA project,
> Red Hat Inc.
>
>
> -------------------------------
> Looking to carve out IT costs?
> www.redhat.com/carveoutcosts/
>
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users

Dmitry,

We intend to have this on a secure network so how do I enable basic
authentication?

And thanks for all your help.

Boris.