Linux authentication against AD ad01 & ad02 2016

Configure on Linux machine
1. install kerberos
2. edit /etc/krb5.conf
3. install $ sudo apt-get install libpam-krb5
4. If caching needed
  - install $ sudo apt-get install libpam-ccreds
Disable kerberos, to create a local account with
- $ pam-auth-update
  - Unselect kerberos
  - Add user
  - Re-enable kerberos in $ pam-auth-update

/etc/krb5.conf

[libdefaults]
        default_realm = VIGOR.CO.ZA
[realms]
 vigor.co.za = {
  kdc = ad1.vigor.co.za
  kdc = ad2.vigor.co.za
  admin_server = ad1
   default_domain = vigor.co.za
 }

 VIGOR.CO.ZA = {
  kdc = vigor.co.za
  admin_server = vigor.co.za
  default_domain = vigor.co.za
 }

[domain_realm]
 .vigor.co.za = VIGOR.CO.ZA
 vigor.co.za = VIGOR.CO.ZA
 VIGOR.CO.ZA = VIGOR.CO.ZA

...

CategoryLinux