MIT Kerberos Windows Domain

= MIT Kerberos Windows Domain Integration =

Prerequisites

 * 1) Make sure you have ntpd setup operational. NOTE: You cannot use Windows SNTP as clock source for NTP.
 * However you can do the other way around, having NTP host which is the clock source of Windows SNTP.
 * 1) DNS and Reverse-DNS lookup must be operational, make sure both your domain controller and the designated host are available in both modes.

Setup kerberos
Testing:

Setup
Update:

Update:

Test
Login to user1 with domain password using ssh.

Integrating sshd
First integrate pam/nss.

Update:

Integrating Samba Server
First integrate pam/nss.

Set all to system-remote-login:

Bugzilla
Integrate apache.

Go to Administration->Parameters->User Authentication, set: auth_env_id = REMOTE_USER auth_env_email = REMOTE_USER user_info_class = Env requirelogin = On

Clients
First authenticate using kinit

Validate ticket:

Firefox

 * 1) Go to about:config
 * 2) Set network.negotiate-auth.trusted-uris to .my_domain.com
 * 3) Use only fully qualified DNS names to access internal web sites.

Maintainer
Alon Bar-Lev