User:Damo2929/Single Sign on with SSSD
From Gentoo Wiki
Requirements
sys-auth/sssd net-misc/ntp
Active directory Integration.
machine needs kerberos configuring so that it will be able to find AD DC's to carry out auth.
edit /etc/krb5.conf
[libdefaults] default_realm = TEST.COM clockskew = 300 ticket_lifetime = 1d forwardable = true proxiable = true dns_lookup_realm = true dns_lookup_kdc = true [domain_realm] .test.com = TEST.COM test.com = TEST.COM test = TEST.COM [appdefaults] pam = { ticket_lifetime = 1d renew_lifetime = 1d forwardable = true proxiable = false retain_after_close = false minimum_uid = 1000 debug = false } [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/kdc.log admin_server = FILE:/var/log/kadmind.log
local system time must be in sync with the domain
Open LDAP intergration.