Automatic User Migration to a Kerberos Realm - Managing Kerberos and Other Authentication Services in Oracle® Solaris 11.2

Managing Kerberos and Other Authentication Services in Oracle^® Solaris 11.2

Exit Print View

» ...Documentation Home » Oracle Solaris 11.2 Information Library » Managing Kerberos and Other Authentication ... » Planning for the Kerberos Service » Planning Kerberos Use of UNIX Names and ... » Automatic User Migration to a Kerberos Realm

Updated: August 2014

Managing Kerberos and Other Authentication Services in Oracle^® Solaris 11.2

Document Information

Using This Documentation

Chapter 1 Using Pluggable Authentication Modules

Chapter 2 About the Kerberos Service

Chapter 3 Planning for the Kerberos Service

Chapter 4 Configuring the Kerberos Service

Chapter 5 Administering Kerberos Principals and Policies

Chapter 6 Using Kerberos Applications

Chapter 7 Kerberos Service Reference

Chapter 8 Kerberos Error Messages and Troubleshooting

Chapter 9 Using Simple Authentication and Security Layer

Chapter 10 Configuring Network Services Authentication

Appendix A DTrace Probes for Kerberos

Security Glossary

Language:

Automatic User Migration to a Kerberos Realm

UNIX users who do not have valid user accounts in the default Kerberos realm can be automatically migrated by using the PAM framework. Specifically, you add the pam_krb5_migrate.so module to the authentication stack of the PAM service. Services are then configured so that whenever a user who does not have a Kerberos principal performs a successful password login to a system, a Kerberos principal would be automatically created for that user. The new principal password is then the same as the UNIX password. For instructions about using the pam_krb5_migrate.so module, see How to Configure Automatic Migration of Users in a Kerberos Realm.

Copyright © 2002, 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices