Results 1 to 6 of 6

Thread: Kerberos + LDAP with YaST

  1. #1

    Default Kerberos + LDAP with YaST

    Hi,

    In the OpenSUSE documentation I red this very exciting chapter Chapter 6. Network Authentication with Kerberos That mentions "Using LDAP and Kerberos" which combined with NFSv4 would give my office net functionality of a M$ Win network.

    We are still on 11.2 (we have no win clients at all) and I was testing different setups of 11.4 in VM, but I can't get YaST to configure the LDAP with Kerberos setup (our current setup does not use Kerberos only LDAP). Unfortunately I could not find any meaningful HOWTO on how to do it in SuSE. The page in docs involves editing config files, but I would like to avoid this, because from my former experience with Samba, as it would mean I cannot use yast anymore and that is sad.

    Back to my questions:

    1. Is there a way to configure LDAP + Kerberos (in terms of issuing of krb tickets at login) with YaST?

    2. If there is a way, could someone at least roughly explain how?

    Tanks in advance.

    PS: I basically need Kerberos for NFS and Intranet site.

  2. #2
    Join Date
    Aug 2008
    Location
    Behind the 8 ball
    Posts
    116

    Default Re: Kerberos + LDAP with YaST

    This may help Network Authentication with Kerberos

    Good luck,
    Hiatt

  3. #3

    Default Re: Kerberos + LDAP with YaST

    First I was amused you mention the same page as I did, then I thought you mean smth else. Are you implying that if I make LDAP authenticate itself against the client, the ticket will be created? Could you please be more explicit...

    I would really appreciate a direct answer to my first question, that is really important as I want to use autoyast.

  4. #4
    Join Date
    Aug 2008
    Location
    Behind the 8 ball
    Posts
    116

    Default Re: Kerberos + LDAP with YaST

    Wow, I just realized what I did, sorry for giving you that link.

    Here is some better information (I hope)
    CITI: Projects: NFS Version 4 Open Source Reference Implementation
    OpenSUSE 11.1 Reference - NFS with Kerberos
    Kerberos Infrastructure HOWTO

    You should be able to get a ticket at login by configuring PAM.
    You AD administrator will need to assist you with getting the keytab file.
    I don't use YAST very often, most of my configuration is done with the command line.
    Sorry again for the dumb post earlier.

    Good luck

  5. #5

    Default Re: Kerberos + LDAP with YaST

    That's ok, no prob. Can I ask you one question, if yast is not the primary reason you use Suse, what is it then?

  6. #6
    Join Date
    Aug 2008
    Location
    Behind the 8 ball
    Posts
    116

    Default Re: Kerberos + LDAP with YaST

    Quote Originally Posted by bisoutsourcing View Post
    That's ok, no prob. Can I ask you one question, if yast is not the primary reason you use Suse, what is it then?
    Yast is a great tool but in my environment there a quite a few servers so logging in to each system to use Yast would be very time consuming. It's easier to write a script that will make the desired changes and then broadcast it out to all the servers. Suse (SLES actually) was chosen because we were a Novell shop. We are now moving to AD and openSuse.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •