Create K5 account from PAM module

Steve Langasek vorlon at dodds.net
Sat Oct 4 14:03:53 EDT 2003


On Sat, Oct 04, 2003 at 12:00:15PM +0200, Lukas Kubin wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1

> Is there a way, how to automatically create user's account in Kerberos
> during PAM authentication process to Linux server?
> Currently, our users authenticate to Linux using their Netware
> credentials. Since we are transforming our network to Kerberos/AFS, I
> would like the K5 accounts to be created for users who successfully
> authenticate using their Netware credentials.
> Thank you.

The pam_krb5_migrate PAM module was written with this in mind.  However,
it depends on private MIT header files, so it's something of a bear to
build.  (There's really no way around this, since those are the only
header files that let it connect to the MIT admin server in order to
create principals.)

  ftp://ftp.netexpress.net/pub/pam/pam_krb5_migrate.tgz

Cheers,
-- 
Steve Langasek
postmodern programmer


More information about the Kerberos mailing list