MITKerberosWindows

= MIT Kerberos Windows Domain Integration =

Prerequisites

 * 1) Make sure you have ntpd setup operational. NOTE: You cannot use Windows SNTP as clock source for NTP.
 * However you can do the other way around, having NTP host which is the clock source of Windows SNTP.
 * 1) DNS and Reverse-DNS lookup must be operational, make sure both your domain controller and the designated host are available in both modes.

Setup kerberos
Testing:

Integrating pam/nss
TODO

Integrating sshd
First integrate pam/nss.

Integrating Samba Server
First integrate pam/nss.

Clients
First authenticate using kinit

Validate ticket:

Firefox

 * 1) Go to about:config
 * 2) Set network.negotiate-auth.trusted-uris to .my_domain.com
 * 3) Use only fully qualified DNS names to access internal web sites.