Hi!
Best regards from/Med vänliga hälsningar från Johan Kragsterman Capvert -----Finn Andersen <xiphias...@gmail.com> skrev: ----- Till: ltsp-discuss@lists.sourceforge.net Från: Finn Andersen <xiphias...@gmail.com> Datum: 2016-12-09 10:48 Ärende: Re: [Ltsp-discuss] Ang: Kerberos ticket upon login Hmm...yes, and no. Sssd is used on the server. I'm using a fat-client, which is authenticating the "ltsp-way" with ldm/ssh. The kerberos ticket needs to live on the local machine running the fat-client image. The fat-client image doesn't have sssd installed. Btw I'm using Debian Jessie for my install. But, thanks for the tip. I'll look into mailinglist for sssd. Ok, I see. You can of coarse install/configure sssd and the clients, but the question is if it needs filesystem write access where it couldn't get it on a fat client...? That is perhaps configurable, though... /Johan Cheers, Finn Andersen On Fri, Dec 9, 2016 at 11:05 AM, Johan Kragsterman <johan.kragster...@capvert.se> wrote: Hi! -----Finn Andersen <xiphias...@gmail.com> skrev: ----- Till: ltsp-discuss@lists.sourceforge.net Från: Finn Andersen <xiphias...@gmail.com> Datum: 2016-12-09 09:56 Ärende: [Ltsp-discuss] Kerberos ticket upon login Hi! I'm almost done setting up a ltsp in our corporate environment. I use sssd/samba/kerberos to authenticate against Windows AD. Screensaver unlocking is working with kerberos. SSO with Firefox is working including corporate root ca certificate, which I thought was going to be the biggest problem. The only thing left is having a kerberos ticket created upon login. Is that something that is possible? Does anyone know how to accomplish this? PAM-magic?? Since you use sssd, it must be sssd that handles kerberos. Perhaps pam is involved, but sssd is responsible to handle the pam modules. I suggest you use the sssd mailing lists. If you are using ubuntu, though, sssd is a little bit of a mess, imho. It is much easier on fedora/rhel/centos. /Johan Thanks, Finn Andersen ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today.http://sdm.link/xeonphi _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today.http://sdm.link/xeonphi _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today.http://sdm.link/xeonphi _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today.http://sdm.link/xeonphi _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net
