thank you,
It is work by using ldap+krb5 (nisclient:centos4.8).By the way, Is it
possible to enroll nisclient ? And how to do this?And how to carry out HBAC
RULES for nisclient?I try to use WebUI,but i am not succeed,look
like this:
Enrollment
Kerberos Key:
Kerberos Key Not Present
One-Time-Password:
One-Time-Password Not Present
--
Host Certificate
Status:
*No Valid Certificate*
regards,
zhongq
2014-11-19 6:17 GMT+08:00 Dmitri Pal d...@redhat.com:
On 11/18/2014 02:13 AM, Zhong Qiang wrote:
hi,
I have some hosts installed centos4.8/6.5/5.9,and want to centralize
identity/policy/authorization.but ipa client isn't compatible with
centos4.8,so I try to configure FreeIPA integrated with NIS Domains.
IPAserver:centos7 (+DNS)
nisclient:centos4.8
ipaclient:centos6.6
I followed the instructions of this page:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/nis.html,to
add netgroup(nis_test) and users(zhongq).then configured nis client
installed centos4.8.on the nis client, I could get users data ,look like
that:
[root@nisclient ~]# getent passwd zhongq
zhongq:*:72481:72481:强 é:/home/zhongq:/bin/sh
However,I do not succeed to log into nisclient with zhongq account.
Any ideas?
Regards,
zhongq
You need to use some other method for authentication. NIS only supported
for identity not for authentication. Use pam_ldap or pam_krb5 for
authentication part.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project