On Tue, Aug 01, 2017 at 03:02:04PM -0400, Louis Garcia wrote: > I've setup a kdc server and I'm able to kinit from my client and get a > ticket for ssh, nfs. I am having trouble setting up sssd so I can skip > kinit. I only setup a kerberos server do I also need a ldap server? > > This is how I configured PAM: #authconfig --enablesssd --enablesssdauth > --enablekrb5 --update > > I'm sure not one line of my sssd.conf file is right. > > [sssd] > services = nss, pam > config_file_version = 2 > reconnection_retries = 3 > sbus_timeout = 30 > > [nss] > filter_groups = root > filter_users = root > > [pam] > reconnection_retries = 3 > offline_credentials_expiration = 2 > offline_failed_login_attempts = 3 > offline_failed_login_delay = 5 > > [domain/kerberos] > id_provider = proxy > proxy_lib_name = false
false is almost certainly true, did you mean files? > > auth_provider = krb5 > chpass_provider = krb5 > krb5_realm = MONTCLAIRE.LOCAL > krb5_server = panther.montclaire.local > > cache_credentials = True > krb5_store_password_if_offline = True > _______________________________________________ > sssd-users mailing list -- sssd-users@lists.fedorahosted.org > To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org