User:Damo2929/Single Sign on with SSSD

From Gentoo Wiki

Requirements

sys-auth/sssd net-misc/ntp



Active Directory integration.

The machine needs Kerberos configured so that it can find the AD domain controllers (DCs) to carry out authentication.


Edit /etc/krb5.conf:

[libdefaults]
        default_realm    = TEST.COM
# maximum tolerated clock difference, in seconds
        clockskew        = 300
        ticket_lifetime  = 1d
        forwardable      = true
        proxiable        = true
# locate the realm and its KDCs (the AD DCs) through DNS
        dns_lookup_realm = true
        dns_lookup_kdc   = true

# map DNS domains and host names to the Kerberos realm
[domain_realm]
        .test.com = TEST.COM
        test.com  = TEST.COM
        test      = TEST.COM

# settings for the pam application
[appdefaults]
        pam = {
                ticket_lifetime    = 1d
                renew_lifetime     = 1d
                forwardable        = true
                proxiable          = false
                retain_after_close = false
                minimum_uid        = 1000
                debug              = false
        }

[logging]
        default      = FILE:/var/log/krb5libs.log
        kdc          = FILE:/var/log/kdc.log
        admin_server = FILE:/var/log/kadmind.log


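The local system time must be in sync with the domain. Kerberos rejects authentication when the clocks differ by more than the clockskew value set above (300 seconds).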
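A pre-flight check for the configuration and the time-sync requirement above. It is an added example, not part of the original wiki page: the function names, the sample config and the clock offsets are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the wiki page): pre-flight checks for krb5.conf.

# Print the value of KEY from the [libdefaults] section of FILE.
krb5_libdefault() {   # usage: krb5_libdefault KEY [FILE]
    awk -v key="$1" '
        /^[ \t]*\[/ { in_sec = ($0 ~ /^[ \t]*\[libdefaults\]/); next }
        !in_sec || /^[ \t]*[#;]/ || !/=/ { next }
        {
            k = $0; sub(/=.*/, "", k); gsub(/[ \t]/, "", k)
            if (k != key) next
            v = $0; sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t\r]+$/, "", v)
            print v; exit
        }' "${2:-/etc/krb5.conf}"
}

# Succeed if a clock offset (seconds; may be negative or fractional) is within
# clockskew. Falls back to 300, the MIT Kerberos default, when the key is unset.
skew_ok() {           # usage: skew_ok OFFSET_SECONDS [FILE]
    max=$(krb5_libdefault clockskew "${2:-/etc/krb5.conf}")
    awk -v off="$1" -v max="${max:-300}" 'BEGIN {
        off += 0; max += 0; if (off < 0) off = -off
        exit !(off <= max) }'
}

# SRV record name that DNS must answer for the realm when dns_lookup_kdc = true.
kdc_srv_name() {      # usage: kdc_srv_name [FILE]
    realm=$(krb5_libdefault default_realm "${1:-/etc/krb5.conf}")
    [ -n "$realm" ] && printf '_kerberos._tcp.%s\n' "$realm"
}

# Constructed sample mirroring the page's [libdefaults]; not read from a real host.
conf=$(mktemp)
cat > "$conf" <<'EOF'
[libdefaults]
        default_realm   = TEST.COM
        clockskew       = 300
        dns_lookup_kdc  = true
[domain_realm]
        .test.com = TEST.COM
EOF

# Constructed offsets; on a real host use the offset your NTP client reports.
for off in 0.8 -412.7; do
    if skew_ok "$off" "$conf"; then echo "offset ${off}s: within clockskew"
    else echo "offset ${off}s: exceeds clockskew, Kerberos authentication will fail"; fi
done
echo "verify KDC discovery with: dig +short SRV $(kdc_srv_name "$conf")"
```

An empty answer to the printed dig query means the machine cannot discover the domain controllers through DNS, so authentication fails even when the clock is in sync.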








OpenLDAP integration.