/
Kerberos Authentication Configuration Steps

Kerberos Authentication Configuration Steps

Kerberos Configuration File Reminder

All examples below display configuration files that are appropriate for our example.  Please be certain to configure as it pertains to your deployment.

  • You should access your SoftNAS instance from both the Web and the CLI as you will need both for configuration.

1. Configure Kerberos Files

  • From within SoftNAS, navigate to Settings >Identity and Access Control > Kerberos

  • Enter the required information into the Default Configuration text boxes.

  • Once done, click the Update Configuration button.  This will update your /etc/krb5.conf file.

2. Obtain Ticket

  • Issue the following command to obtain a ticket and store it in a credential cache file:

    kinit <principal/user>

kinit

By default, kinit attempts to authenticate using the same system login user name (not the Kerberos server).  If that user name does not match a principal in the Kerberos database, kinit will issue an error message.  Best practice is to supply kinit with the name of the correct principal/user as shown above and in the example on the right.

  • Enter the password for your principal/user.

3. Verify Credentials are in Cache

  • To view and verify that credentials are in the cache, issue the following command:

    klist

4. Destroy the Cache

  • If you wish to destroy the cache and the credentials in it, issue the following command:

    kdestroy

Understand Authentication Failure

If you happen to run into a failure when issuing the kinit command, try issuing the command as follows to get a verbose view of what is happening.  This can be very useful in identifying problems.

KRB5_TRACE=/dev/stdout kinit <principle/user>

Related content

Kerberos Authentication SoftNAS Prerequisites
Kerberos Authentication SoftNAS Prerequisites
More like this
Configuring NFSv4 with Kerberos and LDAP Authentication
Configuring NFSv4 with Kerberos and LDAP Authentication
Read with this
Configuring Kerberos
Configuring Kerberos
More like this
Configuring Kerberos to Connect to Active Directory
Configuring Kerberos to Connect to Active Directory
More like this
Working with Settings
Working with Settings
More like this
SoftNAS Multi-Protocol Integration with AD using Kerberos Authentication for NFS/CIFS
SoftNAS Multi-Protocol Integration with AD using Kerberos Authentication for NFS/CIFS
More like this