You can install and register UNAB on a Kerberos enabled endpoint to leverage the Kerberos Single Sign On (SSO) service to authenticate once and log into multiple endpoints with the same user credentials. If not configured, you enable SSO functionality on the endpoint by installing and configuring Kerberized network services and applications.
Because configurations differ between systems, we strongly recommend that you do the following before you enable Kerberos and SSO on the endpoint:
Note: For more system-specific Kerberos and SSO configuration, see your system documentation.
Example: Configure Kerberos on Solaris
The following example shows you the configuration required to configure Kerberos on Solaris. In this example, you install and configure Solaris packages to enable Kerberos.
Important! You may need to install and configure additional packages to configure the system you are using for Kerberos.
The following is a snippet from the /etc/pam.conf file displays the added sections that enable Kerberos authentication for rlogin, rsh and telnet:
# Kerberized rlogin service # krlogin auth required pam_unix_cred.so.1 krlogin auth required pam_krb5.so.1 # # rsh service (explicit because of pam_rhost_auth, # and pam_unix_auth for meaningful pam_setcred) # rsh auth sufficient pam_rhosts_auth.so.1 rsh auth required pam_unix_cred.so.1 # # Kerberized rsh service # krsh auth required pam_unix_cred.so.1 krsh auth required pam_krb5.so.1 # # Kerberized telnet service # ktelnet auth required pam_unix_cred.so.1 ktelnet auth required pam_krb5.so.1
Copyright © 2013 CA Technologies.
All rights reserved.
|
|