CentOS authenticating to Active Directory

CentOS authenticating to Active Directory

Post by brendenm » 2005/06/27 18:42:52

Has anyone setup CentOS to authenticate to Active Directory? I've found multiple articles for different distributions on how to do it but none of them have worked.

Basically I want to setup the CentOS box and have it "just like" a windows domain computer where anyone can logon to it without first having a local user created.

Right now I can't even get kinit to work with my local and domain account.

I keep getting an error "KDC reply did not match expectations while getting initial credentials"

Any help would be appreciated.

Re: CentOS authenticating to Active Directory

Post by stalione » 2005/07/05 21:20:41

[b]I have AD integration working pretty well. The error that you specified is because your /etc/krb5.conf is not properly configured.
Here is how my file looks:[/b]

default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log

ticket_lifetime = 24000
default_realm = MY.DOMAIN.COM
dns_lookup_realm = true
dns_lookup_kdc = true

kdc = spduslisdc01.my.domain.com:88
admin_server = spduslisdc01.my.domain.com:749
default_domain = my.domain.com


kdc = spduslisdc01.my.domain.com
admin_server = spduslisdc01.my.domain.com
kdc = spduslisdc01.my.domain.com

my.domain.com = SPDUSLISDC01.MY.DOMAIN.COM
.my.domain.com = SPDUSLISDC01.MY.DOMAIN.COM
spduslisdc01.my.domain.com = SPDUSLISDC01.MY.DOMAIN.COM

profile = /var/kerberos/krb5kdc/kdc.conf

pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false

[b]I got this file from some site during my research...so don't ask me to explain its contents. I did not get time to look into it...it works for me and thats good enough for now.[/b]

CentOS authenticating to Active Directory

Post by jbrost » 2005/07/09 00:26:20

I followed this one for winbind and samba.


