[LON-CAPA-admin] Kerberos?

lucasm at ohiou.edu lucasm at ohiou.edu
Mon Jun 5 19:20:50 EDT 2006 

Todd,

It really should be as easy as getting krb5.conf set up on your library 
server. The other servers do not need the setup as your library server is 
the only one doing the authentication.

I use kinit to make sure the system is configured okay as far as the 
server is concerned. (kinit simply 'grabs a ticket' if it authenticates 
okay.) If kinit works, then LON-CAPA should be able to authenticate.

I don't think there are any mechanisms for changing logins once they are 
set. If you are really certain this is something you want to do, it 
probably wouldn't be too hard to write a script to do this, but you'd need 
to be pretty careful.

Later,
Mark

  On Mon, 5 Jun 2006, Todd Ruskell wrote:

> Hi,
>
> This question is probably mostly for Mark, but I'll take reasonable advice
> from most anyone.  We're looking to start taking advantage of campus kerberos
> services.  From what little I've seen on the list, it appears that all I
> should really need to do is make the appropriate changes to
> the /etc/krb5.conf file which already exists, at least in sample form, on my
> system.  But usually when things look this easy I'm missing something
> important.  What is it in this case?
>
> Do I have to make the above, and any additional changes to all my servers, or
> just the library server?  It seems I should only need to do this on the
> library server, as that is the central authentication point.
>
> Once I'm reasonably comfortable that kerberos is actually working, is there a
> "magic switch" I can use to convert everyone from internal to kerberos
> authentication? (My guess is no, and for good reason).
>
> Is there a way for new course enrollments of existing users to switch those
> users to use kerberos?  (I suspect this is marginally more likely, but still
> probably no.)
>
> Or do I manually have to switch users from LON-CAPA's internal authentication
> to the global campus authentication?  (I'm guessing yes).
>
> Thanks for all your help.
>
> Todd
>
> -- 
> Dr. Todd Ruskell
> Senior Lecturer, Department of Physics       Office:  Meyer Hall 326
> Colorado School of Mines                     Phone: 303-384-2080
> 1523 Illinois Street                         Fax: 303-273-3919
> Golden, CO 80401
> _______________________________________________
> LON-CAPA-admin mailing list
> LON-CAPA-admin at mail.lon-capa.org
> http://mail.lon-capa.org/mailman/listinfo/lon-capa-admin
>

----------------------------------------------------------------------------
Mark Lucas					email: lucasm at ohiou.edu
252D Clippinger Lab  				phone: (740)597-2984
Department of Physics and Astronomy             fax:   (740)593-0433
Ohio University
Athens, OH 45701

More information about the LON-CAPA-admin mailing list