Re: I've got Winbind working, now I want single-sign-on

From: Owen Dunn <owend@xxxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 29 Jan 2008 19:43:27 +0000

Nico Kadel-Garcia <nkadel@xxxxxxxxx> writes:

Has anyone done this? Or are all the "single sign-on" references
I've found simply referring to single password, not to such an
automatic authentication technique?

Yep. From memory:

* Use winbind to make Unix box member of AD domain.

* net ads keytab on the Unix box to generate a keytab from the Unix
box's computer account in AD.

* GSSAPIAuthentication yes in /etc/ssh/sshd_config

* A kerberized PuTTY such as Quest. I'm working on kerberizing
official PuTTY now I have the need, but other things are currently
taking precedence.

Owen
.

Prev by Date: no password ssh
Next by Date: Re: no password ssh
Previous by thread: no password ssh
Next by thread: allowing LocalForward but restricting RemoteForward
Index(es):
- Date
- Thread

Relevant Pages

Re: groups memebrs
... >> on unix sys: how to know to which Groups a user is a member. ... >> the new username is not a member of any groups of the old one:( ... and you will find all the groups it belongs to. ...
(comp.unix.questions)
Re: Unrecovery by female...
... sysadmin+beard probably makes Unix a pretty good guess.) ... > Either that or you're a member of CAMRA. ... Or find the whole business of shaving unpleasant and ...
(alt.sysadmin.recovery)
Re: Dalekmania
... >> 9 years over mate. ... Use UNIX not Windows. ... Member - Liberal International ...
(rec.arts.drwho)
Re: iPod shuffle
... BSD the real Route to UNIX. ... Even Mac says so! ... Member - Liberal International ... God Queen and country! ...
(comp.unix.bsd.freebsd.misc)
Re: Unrecovery by female...
... sysadmin+beard probably makes Unix a pretty good guess.) ... Either that or you're a member of CAMRA. ... Prev by Date: ...
(alt.sysadmin.recovery)