User:M4rku5/Kerberos and OpenLDAP

This page shall mainly help me remember the steps I followed in setting up Kerberos + OpenLDAP to authenticate users with single sign-on accross multiple servers. As of writing I have not yet fininshed setting everything up.

Intended Features

 * Use Kerberos to verify passwords, secure NFSv4 and provide single sign-on accross all servers
 * Use OpenLDAP to make user and group information available accross all servers (i.e. replace /etc/passwd and /etc/groups)
 * Use OpenLDAP to store additional email aliases for users (for use with postfix)

= Setting up the Server =

Setting up Kerberos
Emerge mit-krb5 but don't use the useflag yet.

Setting up OpenLDAP
Emerge openldap.

Re-emerge mit-krb5 with the useflag.

= Setting up Clients =

Resources
https://www.soljerome.com/blog/2011/08/31/gentoo-nfsv4-and-mit-kerberos/ http://forums.gentoo.org/viewtopic-t-565180-start-0.html