-   Linux - Newbie (
-   -   Kerberos Authentication without Local Account? (

zachet 07-15-2009 01:16 PM

Kerberos Authentication without Local Account?

I have setup Kerberos authentication by correcting /etc/krb5.conf after installing libpam-krb5 and the krb5 tools package. With this I am able to authenticate to kerb just fine as long as there is a local account with the same username. Is there a method of self-creating a username upon success of authentication through kerberos, or perhaps defaulting to a specific local username so there doesn't have to be a pre-defined local account created for each individual?

acid_kewpie 07-15-2009 03:23 PM

normally you'd use ldap or, to a lesser extent, nis to hold the user data. That's the option you need to take really. I would assume you have a suitable system already available for this as kerberos must be running against it. If you have local accounts then you'll have mismatched UID's across systems and all sorts of mess.

All times are GMT -5. The time now is 03:30 AM.