User:Damo2929/Single Sign on with SSSD

Requirements

sys-auth/sssd net-misc/ntp

machine needs kerberos configuring so that it will be able to find AD DC's to carry out auth.

edit /etc/krb5.conf

[libdefaults] default_realm 	= 	TEST.COM clockskew 	= 	300 ticket_lifetime	=	1d forwardable    =       true proxiable      =       true dns_lookup_realm =     true dns_lookup_kdc =       true [domain_realm] .test.com = TEST.COM test.com = TEST.COM test	= TEST.COM

[appdefaults] pam = { ticket_lifetime 	= 1d renew_lifetime 		= 1d forwardable 		= true proxiable 		= false retain_after_close 	= false minimum_uid 		= 1000 debug 			= false }

[logging] default 		= FILE:/var/log/krb5libs.log kdc 			= FILE:/var/log/kdc.log admin_server           = FILE:/var/log/kadmind.log

local system time must be in sync with the domain