Linux & AD mixed authentication issue

2020-04-24 Thread Jean-Luc C.
Hello,

I configured AD authentication (I followed
https://wiki.debian.org/AuthenticatingL ... eDirectory), and it works fine.

I added an AD group to the Debian sudoers, no problem. @mydomain.ad is the default
suffix for login. Users do not need to enter it.



My issue:

Even locally I cannot open a session anymore, as root or as a local Unix user.
Is it possible?



Here is krb5.conf:

---
[logging]
Default = FILE:/var/log/krb5.log

[libdefaults]
ticket_lifetime = 24000
clockskew = 300
default_realm = MYDOMAIN.AD

# The following krb5.conf variables are only for MIT Kerberos.
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true

[realms]
MYDOMAIN.AD = {
    kdc = mydomain.ad:88
    admin_server = mydomain.ad:464
    default_domain = mydomain.ad
}

[domain_realm]
.mydomain.ad = MYDOMAIN.AD
mydomain.ad = MYDOMAIN.AD
---



Thanks



Jean-Luc


Re: Linux & AD mixed authentication issue

2020-04-25 Thread Jean-Luc C.
Please find the following link:
https://wiki.debian.org/AuthenticatingLinuxWithActiveDirectory
I don't know why it was truncated.

On Sat, 25 Apr 2020 at 14:35, Jack Dangler wrote:

>
> On 4/24/20 5:08 PM, Jean-Luc Chandezon wrote:
>
> Hello,
>
> I configured AD authentication (I followed
> https://wiki.debian.org/AuthenticatingL ... eDirectory), and it works
> fine.
>
> I added an AD group to the Debian sudoers, no problem. @mydomain.ad is the
> default suffix for login. Users do not need to enter it.
>
>
>
> My issue:
>
> Even locally I cannot open a session anymore, as root or as a local Unix
> user. Is it possible?
>
>
>
> Here is krb5.conf:
>
> ---
> [logging]
> Default = FILE:/var/log/krb5.log
>
> [libdefaults]
> ticket_lifetime = 24000
> clockskew = 300
> default_realm = MYDOMAIN.AD
>
> # The following krb5.conf variables are only for MIT Kerberos.
> kdc_timesync = 1
> ccache_type = 4
> forwardable = true
> proxiable = true
>
> [realms]
> MYDOMAIN.AD = {
>     kdc = mydomain.ad:88
>     admin_server = mydomain.ad:464
>     default_domain = mydomain.ad
> }
>
> [domain_realm]
> .mydomain.ad = MYDOMAIN.AD
> mydomain.ad = MYDOMAIN.AD
> ---
>
>
>
> Thanks
>
>
>
> Jean-Luc
>
> Surprised you got to the page. I get -
> Forbidden
>
> You are not allowed to access this!
>
> when attempting to access the wiki at all.
>