P. 1
System Administration Guide

System Administration Guide

|Views: 4|Likes:
Publicado porRichard D Armstrong

More info:

Published by: Richard D Armstrong on Sep 02, 2011
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





The Authentication tab allows for the configuration of network authentication methods. To enable an
option, click the empty checkbox beside it. To disable an option, click the checkbox beside it to clear
the checkbox.

Chapter 27. Authentication Configuration


Figure 27-2. Authentication

The following explains what each option configures:

Enable Kerberos Support — Select this option to enable Kerberos authentication. Click the Con-
figure Kerberos
button to configure:

Realm — Configure the realm for the Kerberos server. The realm is the network that uses Ker-
beros, composed of one or more KDCs and a potentially large number of clients.

KDC — Define the Key Distribution Center (KDC), which is the server that issues Kerberos


Admin Servers — Specify the administration server(s) running kadmind.

Thekrb5-libsandkrb5-workstationpackages mustbeinstalled forthis option towork. Refer
to the Red Hat Enterprise Linux Reference Guide for more information on Kerberos.

Enable LDAP Support—Select this option tohave standard PAM-enabled applications useLDAP
for authentication. Click the Configure LDAP button to specify the following:

Use TLS to encrypt connections — Use Transport Layer Security to encrypt passwords sent to
the LDAP server.

LDAP Search Base DN — Retrieve user information by its Distinguished Name (DN).

LDAP Server — Specify the IP address of the LDAP server.

The openldap-clients package must be installed for this option to work. Refer to the Red Hat
Enterprise Linux Reference Guide
for more information about LDAP.

Use Shadow Passwords — Select this option to store passwords in shadow password format in
the /etc/shadow file instead of /etc/passwd. Shadow passwords are enabled by default during
installation and are highly recommended to increase the security of the system.

The shadow-utilspackage must be installed for this option to work. For more information about
shadow passwords, referto the Usersand Groupschapter inthe RedHatEnterprise Linux Reference

Enable SMB Support — This option configures PAM to use an SMB server to authenticate users.
Click the Configure SMB button to specify:

Workgroup — Specify the SMB workgroup to use.

Domain Controllers — Specify the SMB domain controllers to use.

Winbind — Select this option to configure the system to connect to a Windows Active Directory
or a Windows domain controller. User information can be accessed, as well as server authentication
options can be configured.


Chapter 27. Authentication Configuration

Use MD5 Passwords — Select this option to enable MD5 passwords, which allows passwords to
be up to 256 characters instead of eight characters orless. It is selected by default during installation
and is highly recommended for increased security.

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->