Hello,
I am using Kerberos for desktops using Gnome3.
Homedirectories are on the server using NFS4, the system is local.
The problem is that the position of the desktop icons is random after a
login. This is not the case with a local account.
Is here somebody with an idea what could be wrong?
Or
On Fri, Nov 28, 2014 at 1:15 AM, Rick van Rein wrote:
> Hey,
>
> > There were numerous advantages to this approach for our environment,
> however we never deployed it. I should have written a brief paper at the
> time.
>
> You still may ;-)
>
> It would require a new SRV record, and it would con
On Fri, Nov 28, 2014 at 12:54 AM, Rick van Rein
wrote:
> Hi Frank,
>
> > I didn't read the document, but from the name of it the EAP-GSS method I
> noted earlier would be a true Kerberos authentication -- the client has to
> pass on a kerberos token, not a password. It sounded like that's what y
Hello,
I would like to login automatic for some PC's using GDM3, it are PC's in
a public canteen.
Using "AutomaticLoginEnable" in /etc/gdm3/daemon.conf does not work,
because root on the local machine has no rights on the server.
Do you know a way to login automatically? Maybe by using no passw
On Fri, Nov 28, 2014 at 12:29 AM, Rick van Rein
wrote:
> Here is a detailed discussion of how to configure FreeRADIUS to use
> Kerberos with 802.1x authentication:
>
> http://freeradius.1045715.n5.nabble.com/802-1x-amp-kerberos-td2765708.html
>
That discussion is how to setup a PAP request insid
Hey,
> There were numerous advantages to this approach for our environment, however
> we never deployed it. I should have written a brief paper at the time.
You still may ;-)
It would require a new SRV record, and it would confuse Kerberos clients, I
suspect. But it’s an interesting angle.
Hi Frank,
> I didn't read the document, but from the name of it the EAP-GSS method I
> noted earlier would be a true Kerberos authentication -- the client has to
> pass on a kerberos token, not a password. It sounded like that's what you
> were going after.
Yes, it is, ideally.
> I'm wouldn'
Hi,
> it appears that general AVPs for RADIUS / DIAMETER are supported — and that
> includes RADIUS’ support for Kerberos authentication. Except that it is not
> supported by the IANA registry,
> http://www.iana.org/assignments/eap-numbers/eap-numbers.xhtml#eap-numbers-10
I think this is simpl