System Administration Guide: Security Services

Procedure: How to Configure a Kerberos Client for an Active Directory Server

This procedure uses the kclient installation utility without an installation profile.

  1. Become superuser.

  2. (Optional) Enable DNS resource record creation for the client.

    The first command causes DNS records to be created when the client is joined to the Active Directory domain. The second command records this change in the running configuration of this service.


    client# svccfg -s smb/server setprop smbd/ddns_enable=true
    client# svcadm refresh smb/server
    
  3. Run the kclient installation script.

    You need to provide the following information:

    • Password for the administrative principal


Example 23–11 Configuring a Kerberos Client for an Active Directory Server Using kclient.

The following output shows the results of running the kclient command using the ms_ad (Microsoft Active Directory) server type argument. The client will be joined to the Active Directory domain called EXAMPLE.COM.


client# /usr/sbin/kclient -T ms_ad

Starting client setup
---------------------------------------------------

Attempting to join 'CLIENT' to the 'EXAMPLE.COM' domain.
Password for Administrator@EXAMPLE.COM: <Type the password>
Forest name found: example.com
Looking for local KDCs, DCs and global catalog servers (SVR RRs).

Setting up /etc/krb5/krb5.conf

Creating the machine account in AD via LDAP.
---------------------------------------------------
Setup COMPLETE.
#
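
The transcript above shows kclient locating KDCs through DNS and then writing /etc/krb5/krb5.conf, so it is worth confirming after the join that the file names the realm you intended. The following check is an added example, not part of the original guide or of kclient; the function names, the host name dc1.example.com, and the sample file contents are constructed for illustration and assume the standard krb5.conf stanza layout.

```shell
#!/bin/sh
# Added example (not from the guide): check a krb5.conf after a kclient join.
# Function names and the sample file are assumptions made for illustration.

# check_krb5_conf FILE REALM
# Returns 0 if [libdefaults] default_realm is REALM and the REALM stanza in
# [realms] has at least one kdc entry; 1 on realm mismatch; 2 if no kdc.
check_krb5_conf() {
    awk -v want="$2" '
        { sub(/#.*/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }  # drop comments, trim
        /^\[/ { section = $0; next }                     # [libdefaults], [realms], ...
        section == "[libdefaults]" && /^default_realm[ \t]*=/ {
            split($0, kv, "="); gsub(/[ \t]/, "", kv[2]); def = kv[2]
        }
        section == "[realms]" && /=[ \t]*[{]/ {           # "REALM = {" opens a stanza
            split($0, kv, "="); gsub(/[ \t]/, "", kv[1]); cur = kv[1]; next
        }
        section == "[realms]" && /^[}]/ { cur = ""; next }
        section == "[realms]" && cur == want && /^kdc[ \t]*=/ { kdcs++ }
        END {
            if (def != want) { print "default_realm is \"" def "\", expected " want; exit 1 }
            if (kdcs + 0 == 0) { print "no kdc entry for realm " want; exit 2 }
            print "ok: realm " want ", kdc entries: " kdcs
        }' "$1"
}

# Constructed sample resembling a client krb5.conf (not captured output).
write_sample_conf() {
    cat > "$1" <<'EOF'
[libdefaults]
    default_realm = EXAMPLE.COM
[realms]
    EXAMPLE.COM = {
        kdc = dc1.example.com
        admin_server = dc1.example.com
    }
EOF
}

# Demo on the sample. On a joined client:
#   check_krb5_conf /etc/krb5/krb5.conf EXAMPLE.COM
sample=${TMPDIR:-/tmp}/krb5.conf.sample.$$
write_sample_conf "$sample"
check_krb5_conf "$sample" EXAMPLE.COM
rm -f "$sample"
```

On Solaris releases where /usr/bin/awk is the old awk, replace awk with nawk in the function.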