Configure a system to use an existing authentication service for user and group information (part 2-kerberos)

Part 1 – LDAP

There are two ways to do this:

I Method – Graphical option

1- Being on the client side, we will install the authconfig-gtk and sssd packages that we will use:

# yum install authconfig-gtk sssd krb5-workstation nss-pam-ldapd pam_krb5

2- Open Applications–> Sundry –> authentication or run authconfig-gtk command :

# authconfig-gtk
and check:
# ssh ldapuser1@localhost
ldapuser1@localhost's password:
Last login: Thu Jun 14 19:47:45 2018 from localhost
Could not chdir to home directory /home/ldap/ldapuser1: No such file or directory
-sh-4.2$

II Method – Terminal option

Using the authconfig command

Help

# authconfig --help | egrep ldap

Write the configuration

# authconfig  --enableldap --disableldapauth --ldapserver=ldap://servidoripa.example.com --ldapbasedn="dc=example,dc=com" --enableldaptls --ldaploadcacert=ftp://server.example.com/pub/ca.crt --enablekbr5 --kbr5kdc=servidoripa.example.com --kbr5adminserver=servidoripa.example.com --kbr5realm=EXAMPLE.COM --disablekbr5kdcdns --update
# getent passwd ldapuser2

and test the conexion:
# ssh ldapuser1@localhost

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *