[opensuse] Kerberos Access & Ticket Management
openSUSE 12.2 x86_64 gnome-shell-3.6.2-1.2.x86_64 I access resources in an Active Directory domain from my laptop. What is the best way to manage Kerberos tickets from GNOME3? I has assumed there would be a Kerberos "online account", but that isn't available. Adding Kerberos to 'the system' via YaST does not work well as it is my laptop and that assumes my account == my AD account. -- Adam Tauno Williams GPG D95ED383 Systems Administrator, Python Developer, LPI / NCLA -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Thu, Dec 20, 2012 at 11:24:43AM -0500, Adam Tauno Williams wrote:
openSUSE 12.2 x86_64 gnome-shell-3.6.2-1.2.x86_64
I access resources in an Active Directory domain from my laptop. What is the best way to manage Kerberos tickets from GNOME3? I has assumed there would be a Kerberos "online account", but that isn't available.
Adding Kerberos to 'the system' via YaST does not work well as it is my laptop and that assumes my account == my AD account.
Have you tried to join the domain with the help of the YaST Windows Domain Membership module? You need to required credentials/ rights on the Microsoft Active Directory side. Else you're not able to join your Linux system to the domain. After the domain join you're able to login with <domain>\<user> for the user prompt and your password on the Microsoft side. Afterwads check the list of cached Kerberos tickets by calling klist -l For the applications it depends on the particular implementation. In Firefox for example you need to tweake via about:config the setting of network.negotiate-auth.trusted-uris and set it to your domain name. Chaeers, Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team + SUSE Labs SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
participants (2)
-
Adam Tauno Williams
-
Lars Müller