[Freeipa-users] LDAP authentication into FreeIPA

Jimmy g17jimmy at gmail.com
Tue Nov 15 21:01:40 UTC 2011 

I know the Windows systems don't have full integration with FreeIPA, but I
have Windows systems authenticating to FreeIPA the same as they would to a
regular MIT Kerberos system. The are not using the same config that is
posted on the FreeIPA website where the IPA users are mapped to a single
workstation user.

Jimmy

On Tue, Nov 15, 2011 at 3:40 PM, Steven Jones <Steven.Jones at vuw.ac.nz>wrote:

> Hi,
>
> I dont think there is much realistic hope of getting windows to
> authenticate to freeIPA......the others should be able to and the fedora
> docs on the freeipa documentation web page list a specific method for macs
> for one (but I have not tried it yet, but I will be)....ubuntu has been
> mentioned before....I have to try/do that as well....
>
> Siggi sent me some notes a while back,
>
> =============
>
> Ubuntu client install
>
>
> https://help.ubuntu.com/10.04/serverguide/C/kerberos.html
>
>
> sudo apt-get install krb5-user libpam-krb5 libpam-ccreds auth-client-config
>
>
> maybe also need libpam-ldap libnss-ldap
>
>
> Use ipa-getkeytab on a IPA server to retrieve the keytab for the host, and
> copy this to /etc/krb5.keytab on the Ubuntu client.
>
> [root at ipa1 ~]# ipa-getkeytab -s ipa1.ix.test.com -p host/
> ubuntu-client.ix.test.com -k /tmp/buntuclient_krb5.keytab
>
> If you prefer you can use something like CFengine to automate the whole
> process.
>
> =============
>
> Hope that helps.............
>
>
> regards
>
> Steven Jones
>
> Technical Specialist - Linux RHCE
>
> Victoria University, Wellington, NZ
>
> 0064 4 463 6272
>
> ________________________________
> From: freeipa-users-bounces at redhat.com [freeipa-users-bounces at redhat.com]
> on behalf of Boris Epstein [borepstein at gmail.com]
> Sent: Wednesday, 16 November 2011 9:03 a.m.
> To: freeipa-users at redhat.com
> Subject: [Freeipa-users] LDAP authentication into FreeIPA
>
> Hello all,
>
> This may be my general LDAP illiteracy - I only dealth with it briefly
> years ago - but I am trying to set up a FreeIPA server on Fedora 16 to have
> my Macs and Ubuntu Linux machines as well as a couple of Windows boxes to
> authenticate to - and seem not to be making much forward progress. Is there
> a step-by-step writeup on how to do that sort of thing?
>
> Thanks for any and all help.
>
> Boris.
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20111115/e4221ad0/attachment.htm>

More information about the Freeipa-users mailing list