|
|
Sponsored Content
Top Forums
UNIX for Advanced & Expert Users
Problem: Single Sign On for linux
Post 302336128 by thanhdat on Tuesday 21st of July 2009 09:41:37 AM
07-21-2009
|
|
8 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
I'd like to make a script that I can execute every time I sign on to my linux box that keeps track of the time and allows to me to add a remark to a file. So basically once I log in, I run the script, and it outputs the date and time to a text file (log.txt). But that isn't my problem.
I need... (1 Reply)
Discussion started by: Glider
1 Replies
2. UNIX for Dummies Questions & Answers
in a xen environment , i see a lot op dropped packets via netstat -i
Is this a sign of network problems, or is it normal to see this kind of numbers? i'm not sure how to interprete the data. is this normal, bad, critical. What are your stats on this?
I guess i have a xen issue of some sort,... (1 Reply)
Discussion started by: progressdll
1 Replies
3. UNIX for Dummies Questions & Answers
Does anyone have this handy
Thanks (0 Replies)
Discussion started by: 77yrold
0 Replies
4. Solaris
We are looking for implementing solaris single sign on with AD in our environment which as few hundred Solaris hosts and couple of hundred solaris zones ..IS there any third party software for the same or we can do it by just making the solaris servers as AD clients ? Any help is appreciated. (1 Reply)
Discussion started by: fugitive
1 Replies
5. Linux
Please help me, wasted hrs:wall:, to find this soulution:-
I need a command that will work on file (xml) and replace multiple occurrence (more than 2 times)
Examples
1. '==='
2. '===='
3. '======='
should be replaced by just '=='
Note :- single character should be replaced. (=... (13 Replies)
Discussion started by: RedRocks!!
13 Replies
6. Cybersecurity
Could someone please explain to me the difference between Shibboleth and Single Sign On? How are they related?
Thank you! (1 Reply)
Discussion started by: onlinelearner02
1 Replies
7. UNIX for Advanced & Expert Users
I'm looking at a config file with dollar signs. What do the dollar signs mean in front of a directory?
dir = ./demoCA # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
new_certs_dir = $dir/newcerts # default... (1 Reply)
Discussion started by: cokedude
1 Replies
8. UNIX for Advanced & Expert Users
I am trying to get a dollar sign variable to be expanded in single quotes. Not sure what I am doing wrong. I have tried every way I can think of.
for i in `cat file1`
do
for j in `cat file2`
do
ssh $i 'systemctl is-enabled "${j}" ';
done
done... (4 Replies)
Discussion started by: cokedude
4 Replies
LEARN ABOUT MOJAVE
sso_util
sso_util(8) BSD System Manager's Manual sso_util(8) NAME
sso_util -- Kerberos -- Open Directory Single Sign On SYNOPSIS
sso_util command [-args] DESCRIPTION
sso_util is a tool for setting up, interrogating and removing Kerberos configurations within the Apple Single Sign On environment. This tool can configure services, create and consume encrypted config records and tear down Kerberos installations Commands for sso_util : info [-p] [-g | -l | -L | -r dir_node_path [dir_node_path]] Returns information about the current Single Sign On environment info command arguments: -p Returns the data in XML format -g Returns the default Kerberos realm name -l Returns a list of the services sso_util knows how to Kerberize -L Returns the default Kerberos log file paths -r dir_node_path Returns whether or not the given node has a Kerberos record associated with it. If it does, it returns the default realm name. If dir_node_path is '.' (default) it also returns all the realm names available on the search path dir_node_path specifies the directory node in which to search for the computer record configure -r REALM -a admin_name [-p password] service Configures Kerberized services on the local machine for the given realm configure command arguments: -r REALM Kerberos realm for the service principals -a admin_name Account name of an administrator authorized to make changes in the Kerberos database -p password Password for the above administrator. The password can also be stored in a file and the path to the file can be passed as an environment variable - SSO_PASSWD_PATH. service Service can be any number of afp, ftp, imap, pop, smtp, ssh, fcsvr, DNS, or all useconfig [-u] [-R record_name] [-f dir_node_path] -a admin_name [-p password] Uses a secure config record to configure a server for Kerberos configure command arguments: -u Forces the update, ignoring that the update may already have been installed -R record_name Name of the Computer record containing the secure config record -f dir_node_path Specifies the directory node in which to find the given computer record -a admin_name Account name of an user authorized to use the secure config record (see generateconfig) -p password Password for the above user. The password can also be stored in a file and the path to the file can be passed as an envi- ronment variable - SSO_PASSWD_PATH. EXAMPLES
To configure a server in realm FOO.COM when you have the Kerberos administrator's password. Store the password in a file and set env var SSO_PASSWD_PATH to the file path sso_util configure -r FOO.COM -a kerberos_admin all To create a secure config record to allow the delegated administrators, Fred and Barney, to configure a server named fred.foo.com in realm FOO.COM (using an existing computer record). The Open Directory Master for foo.com is odmaster.foo.com. This can be run on any server and neither Fred nor Barney need to have the Kerberos administrator's password. Store the password in a file and set env var SSO_PASSWD_PATH to the file path. sso_util generateconfig -r FOO.COM -R fred.foo.com -f /LDAPv3/odmaster.foo.com -U Fred,Barney -a kerberos_admin all To use the secure config record to allow Barney to configure the server named fred.foo.com. Store the password in a file and set env var SSO_PASSWD_PATH to the file path. sso_util useconfig -R fred.foo.com -f /LDAPv3/odmaster.foo.com -a Barney FILES
/etc/krb5.keytab The configure and useconfig commands create or modify the krb5.keytab file. DIAGNOSTICS
You can add -v debug_level to any of the sso_util commands. Debug level 1 provides status information, higher levels add progressively more levels of detail. The maximum is level 7. NOTES
The sso_util tool is used by the Apple Single Sign On system to set up Kerberized services integrated with the rest of the Single Sign On components. SEE ALSO
kdc(8), kdcsetup(8), kerberos(8), krbservicesetup(8) Darwin June 1, 2019 Darwin