We are running a SGD 4.31.905 Array with two members, both are using SLES 10
as OS.
Following a tutorial, we have done the following steps on *both* machines to
setup the AD login authority:
Created /opt/tarantella/bin/jdk.i3li_1.5.0_10/jre/lib/security/krb5.conf
with this content:
[libdefaults]
default_realm = AD.MYDOMAIN.COM
default_checksum = rsa-md5
default_tkt_enctypes = des-cbc-md5 des-cbc-crc
default_tgs_enctypes = des-cbc-md5 des-cbc-crc
permitted_enctypes = des-cbc-md5 des-cbc-crc
[realms]
AD.MYDOMAIN.COM = {
kdc = ad.mydomain.com
}
[domain_realm]
ad.mydomain.com = AD.MYDOMAIN.COM
Then restarted SGD (in the meanwhile, more than twice ;-) )
In Array Manager, under Secure Global Desktop Login:
Checked search ldap and use closest ens match, search ldap and use ldap
profile and active directory login authority. Then inserted into the
fields ldap server - url: ad://ad.mydomain.com, username:
[EMAIL PROTECTED], password: your password for sgd user, base domain
and default domain: ad.mydomain.com.
After applying, we are able to use AD login for the Master Server, but not
for the slave. I have double checked the krb5.conf file, there is no
difference.
Also, on a test setup with one array member, the above settings just work
fine.
Anyone has a clue why the AD login is not working on the slave server?
Regars
Joerg
_______________________________________________
SGD-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sgd-users
