CentOS authenticating to Active Directory

Issues related to software problems
Post Reply
brendenm
Posts: 3
Joined: 2005/06/27 15:39:19

CentOS authenticating to Active Directory

Post by brendenm » 2005/06/27 18:42:52

Has anyone setup CentOS to authenticate to Active Directory? I've found multiple articles for different distributions on how to do it but none of them have worked.

Basically I want to setup the CentOS box and have it "just like" a windows domain computer where anyone can logon to it without first having a local user created.

Right now I can't even get kinit to work with my local and domain account.

I keep getting an error "KDC reply did not match expectations while getting initial credentials"

Any help would be appreciated.

stalione
Posts: 1
Joined: 2005/07/05 20:56:15

Re: CentOS authenticating to Active Directory

Post by stalione » 2005/07/05 21:20:41

[b]I have AD integration working pretty well. The error that you specified is because your /etc/krb5.conf is not properly configured.
Here is how my file looks:[/b]

[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log

[libdefaults]
ticket_lifetime = 24000
default_realm = MY.DOMAIN.COM
dns_lookup_realm = true
dns_lookup_kdc = true

[realms]
SPDUSLISDC01.MY.DOMAIN.COM = {
kdc = spduslisdc01.my.domain.com:88
admin_server = spduslisdc01.my.domain.com:749
default_domain = my.domain.com
}

my.domain.com={
}

MY.DOMAIN.COM = {
kdc = spduslisdc01.my.domain.com
admin_server = spduslisdc01.my.domain.com
kdc = spduslisdc01.my.domain.com
}

[domain_realm]
my.domain.com = SPDUSLISDC01.MY.DOMAIN.COM
.my.domain.com = SPDUSLISDC01.MY.DOMAIN.COM
spduslisdc01.my.domain.com = SPDUSLISDC01.MY.DOMAIN.COM

[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf

[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}

[b]I got this file from some site during my research...so don't ask me to explain its contents. I did not get time to look into it...it works for me and thats good enough for now.[/b]

jbrost
Posts: 16
Joined: 2005/06/03 15:28:41
Location: New York City

CentOS authenticating to Active Directory

Post by jbrost » 2005/07/09 00:26:20

I followed this one for winbind and samba.

http://www.redmondmag.com/columns/article.asp?EditorialsID=858
--
Jim

Post Reply

Return to “CentOS 4 - Software Support”