Mapping of Linux user ID's to Kerberos principals?
Matthijs Mohlmann
matthijs at active2.homelinux.org
Fri Nov 7 12:32:16 EST 2003
On Fri, 2003-11-07 at 16:51, xiongj at rpi.edu wrote:
> Hi everyone,
>
> I'm new to this mailing list and to Kerberos. Currently I'm working
> on setting up Kerberos with PAM for system-wide authentication in a network.
> I would like to setup Kerberos principal "root/hostname at realm" for each host
> in the network, and it has to correspond to the Linux userID "root" on each
> host. I can't find a way to map this so that when I log in as root, the
> system knows I'm trying to authenticate as root/hostname.
Please make a normal user without any privileges and then experiment.
It's a risk to setup root accounts in the Kerberos database.
>
> Is there a way to do this on Linux? From googling it seems like there's a
> tool Ksetup that does this mapping of Windows userIDs to Kerberos principals,
> and kerblink that maps RACF userIDs to Kerberos principals on IBM's z/OS, but
> didn't find a tool for Linux.
>
When searching on google i've got many hits...
> I can see doing this mapping with openLDAP but if there is a way to do this
> w/o LDAP I'd like to try it first.
>
It's possible to this mapping with OpenLDAP but searching on google
gives the answer.
Here is a Howto which i use:
http://active2.homelinux.org/LDAPv3-HOWTO.html
(The only thing i say is: RTFM)
> Thanks!
> Jin Xiong
>
>
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
More information about the Kerberos
mailing list