Configure a system to use an existing authentication service for user and group information (part 2 – Kerberos)

Part 1 – LDAP

There are two ways to do this:

I Method – Graphical option

1- On the client, install authconfig-gtk, sssd and the other packages we will use:

# yum install authconfig-gtk sssd krb5-workstation nss-pam-ldapd pam_krb5

2- Open Applications –> Sundry –> Authentication, or run the authconfig-gtk command:

# authconfig-gtk
and check that the LDAP user can log in:
# ssh ldapuser1@localhost
ldapuser1@localhost's password:
Last login: Thu Jun 14 19:47:45 2018 from localhost
Could not chdir to home directory /home/ldap/ldapuser1: No such file or directory

II Method – Terminal option

Using the authconfig command


# authconfig --help | egrep ldap

Write the configuration

# authconfig --enableldap --disableldapauth --ldapserver=ldap:// --ldapbasedn="dc=example,dc=com" --enableldaptls --ldaploadcacert= --enablekrb5 --krb5realm=EXAMPLE.COM --disablekrb5kdcdns --update
# getent passwd ldapuser2

and test the connection:
# ssh ldapuser1@localhost
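
An added check, not part of the original post, for the result of the authconfig command above: it reads the report printed by `authconfig --test` and confirms that LDAP is used only for user and group information, that StartTLS is on, and that passwords go to Kerberos in the expected realm. The report line format is assumed from RHEL 7 authconfig (sssd-backed setups may report nss_sss/pam_sss instead), the sample input is constructed, and the function names are hypothetical.

```shell
#!/bin/bash
# Added example: audit `authconfig --test` output for the posture configured above.
# On a client: authconfig --test | check_authconfig EXAMPLE.COM

# Constructed sample, trimmed to the lines the checks read (assumed RHEL 7 format).
sample_good() {
cat <<'EOF'
nss_ldap is enabled
 LDAP+TLS is enabled
 LDAP base DN = "dc=example,dc=com"
pam_krb5 is enabled
 krb5 realm = "EXAMPLE.COM"
 krb5 kdc via dns is disabled
pam_ldap is disabled
 LDAP+TLS is enabled
EOF
}

# Same sample with StartTLS off and LDAP password authentication on.
sample_bad() {
  sample_good | sed -e 's/LDAP+TLS is enabled/LDAP+TLS is disabled/' \
                    -e 's/pam_ldap is disabled/pam_ldap is enabled/'
}

# check_authconfig REALM: reads the report on stdin, prints one line per
# finding, returns 0 when every check passes and 1 otherwise.
check_authconfig() {
  local realm=$1 report rc=0
  report=$(cat)
  has() { printf '%s\n' "$report" | grep -qxF -- "$1"; }   # exact-line match

  has 'nss_ldap is enabled'  || { echo 'FAIL: LDAP is not the user/group source'; rc=1; }
  has 'pam_krb5 is enabled'  || { echo 'FAIL: Kerberos authentication is off'; rc=1; }
  has 'pam_ldap is disabled' || { echo 'FAIL: passwords are checked by LDAP bind'; rc=1; }
  has " krb5 realm = \"$realm\"" || { echo "FAIL: realm is not $realm"; rc=1; }
  has ' krb5 kdc via dns is disabled' || { echo 'FAIL: KDC is looked up in DNS'; rc=1; }
  # Any "LDAP+TLS is disabled" line means directory traffic goes in clear text.
  if has ' LDAP+TLS is disabled'; then echo 'FAIL: LDAP StartTLS is off'; rc=1; fi
  [ "$rc" -eq 0 ] && echo "OK: LDAP identity over TLS, Kerberos auth in $realm"
  return "$rc"
}
```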

