Configure Active DIR/Kerberos on Ubuntu and Red Hat


Ubuntu 10.04
  • copy /etc/krb5.conf from everest to /etc/
  • sudo apt-get install libpam-krb5
  • sudo pam-auth-update
Ubuntu 8.04
  • Install necessary packages

  • Configure Kerberos with the details of the AD realm and IP addresses, /etc/krb5.conf (copy it from everest)
  • Update the PAM configuration to check for Kerberos accounts, /etc/pam.d/common-auth, choose whether you want a Kerberos login prompt or a regular prompt first.

#

  • To manage the Kerberos tickets update /etc/pam.d/common-session

Red Hat Specific

  • rpm -qa | grep pam
  • Make sure you have: pam_krb5-2.2.14-10
  • copy over system-auth from everest (update if necessary)
  • Make sure that the clock is insync, otherwise auth will fail
  • Add users to wheel group for sudo privilege
  • use authconfig-tui to configure pan to use krb

Reference