Kerberos Authentication through RHEL 4
Javier Palacios
javiplx at gmail.com
Sun Sep 2 08:52:51 UTC 2007
> Do any one have idea how to configure RHEL 4 to authenticate with Active
> directory of Windows. If any one knows, Please give me the steps/method for
You don't need to use winbind or samba. If you have an existing local
user with the same name that the one in AD, it is as easy as install
pam-kerberos and set default domain on krb5.conf (AD has proper SRV
records). If you want any AD user to log in without local account, you
will need also pam_mkhomedir and configure nss-ldap against the AD.
You only need to properly map the attributes (I've no url, but it is
not hard to find on inet, and there is a hundreds paged document from
MS about AD-Unix integration where the mappings are given). You will
need anonymous access to AD, or fully integrate the linux machine on
the domain. If you want this, you can use either samba `net ads join`
or the ADKadmin utility
(http://www.css-security.com/cgi-bin/dnld_list.pl), which is a command
line kadmin that engages a domain controller instead of a standard
kerberos admin server.
Javier Palacios
More information about the redhat-list
mailing list