#format wiki
#language en
= Linux authentication against AD ad01 & ad02 2016 =

 * Configure on Linux machine
   1. install kerberos
   1. edit /etc/krb5.conf
   1. install $ sudo apt-get install libpam-krb5
   1. If caching needed
      * install $ sudo apt-get install libpam-ccreds

 * Disable kerberos, to create a local account with
   * $  pam-auth-update
     * Unselect kerberos
     * Add user
     * Re-enable kerberos in $ pam-auth-update

 * /etc/krb5.conf
   {{{
[libdefaults]
	default_realm = VIGOR.CO.ZA
[realms]
 vigor.co.za = {
  kdc = ad1.vigor.co.za
  kdc = ad2.vigor.co.za
  admin_server = ad1
   default_domain = vigor.co.za
 }

 VIGOR.CO.ZA = {
  kdc = vigor.co.za
  admin_server = vigor.co.za
  default_domain = vigor.co.za
 }

[domain_realm]
 .vigor.co.za = VIGOR.CO.ZA
 vigor.co.za = VIGOR.CO.ZA
 VIGOR.CO.ZA = VIGOR.CO.ZA


}}}

...
----
CategoryLinux