Linux kerberos authentication ; gdm
Bjoern Tore Sund
bjorn.sund at it.uib.no
Mon Jul 6 04:16:45 EDT 2009
Nicolas Michel wrote:
> Hi here,
>
> I want to authenticate some linux computers (ubuntu) on a kerberos
> server, linked to an ldap one. I see how to do that with pam.
> But I have two questions :
> - is there an "offline" mode? (if I have no access to the internet I
> want to have access to my session)
Not with Kerberos itself, unless you start configuring a Kerberos server
slave on each client... You may want to have a look at pam_usersync,
https://sourceforge.net/projects/pam-usersync/develop - there are man
pages in the code explaining how to use it. It syncronises user data
into local passwd files if a successful network login is done. Works
with any network authentication system, we're using it with Kerberos for
our Linux laptops.
> - with gdm, is it possible to get a window when the password must be
> changed (and where must I configure that password policy? On the
> kerberos server?)
Sorry, outside of what I've looked at.
-BT
--
Bjørn Tore Sund Phone: 555-84894 Email: bjorn.sund at it.uib.no
IT department VIP: 81724 Support: http://bs.uib.no
Univ. of Bergen
When in fear and when in doubt, run in circles, scream and shout.
More information about the Kerberos
mailing list