Mailinglist Archive: yast-devel (30 mails)

< Previous Next >
Re: [yast-devel] YaST2 USER Module and LDAP + Kerberos
  • From: Michael Calmer <mc@xxxxxxx>
  • Date: Thu, 14 Feb 2013 14:51:44 +0100
  • Message-id: <5078364.DTJc6y4nF3@tait>

Am Donnerstag, 14. Februar 2013, 14:34:43 schrieb Jiří Suchomel:
V Thu, 14 Feb 2013 14:14:56 +0100

Günther J. Niederwimmer <gjn@xxxxxxxxxxx> napsáno:

I have a question and a Problem with the YaST2 User Module ;).

When I have a User configured with YaST, have I to change any in the
yaST ldap User Module?

My Problem a USER is configured with YaST USER+LDAP, I create the
User also in krb5 but it is not possible to expand the Entry with krb5

ank -x dn="uid=xxxx,ou=people,cd=example,dc=com" xxxx

I am a a little bit out of this bussiness :-)

Have you also played around with

-x linkdn=<dn>
-x containerdn=<container_dn>

parameters ?

I have to create with

ank xxxx

but now I have two USER xxxx in the LDAP DB

when I have to delete my User (with YasT) the User is deleted but the
krb5 USER do exist, but I can't find the User in YaST2. Later when I
have to recreate the USER with YaST2, YaST2 tell me the USER Exist !!

What is the correct way ?

Well, I'm not sure if I understand your questions.

First: YaST users module does not have any special handling of Kerberos
accounts at all.
It is, however, able to manage LDAP users. The supported
scenario is having users in LDAP database and (optionally) let them
authenticate via Kerberos.

This is the important part. yast2 users module does not support kerberos
You can try out and maybe you find a working solution, but we never tried it.

For setting the Kerberos authentication there's YaST Kerberos client
module, but for nothing more. Maybe YaST Kerberos server could help
you... Michael?

Kerberos server is only for the initial setup of a kerberos server.
Managing principals is not part of this module.


Michael Calmer

Michael Calmer
SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg
T: +49 (0) 911 74053 0
F: +49 (0) 911 74053575 - e-mail: Michael.Calmer@xxxxxxxx
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer
HRB 16746 (AG Nürnberg)

To unsubscribe, e-mail: yast-devel+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: yast-devel+owner@xxxxxxxxxxxx

< Previous Next >