如何自动配置 Kerberos 客户机
开始之前
此过程使用安装配置文件。请参见如何创建 Kerberos 客户机安装配置文件。
-
成为超级用户。
-
运行 kclient 安装脚本。
要完成此过程,需要提供 clntconfig 主体的口令。
client# /usr/sbin/kclient -p /net/kdc1.example.com/export/install/krb5.conf Starting client setup --------------------------------------------------- kdc1.example.com Setting up /etc/krb5/krb5.conf. Obtaining TGT for clntconfig/admin ... Password for clntconfig/admin@EXAMPLE.COM: <Type the password> nfs/client.example.com entry ADDED to KDC database. nfs/client.example.com entry ADDED to keytab. host/client.example.com entry ADDED to KDC database. host/client.example.com entry ADDED to keytab. Copied /net/kdc1.example.com/export/clientinstall/krb5.conf. --------------------------------------------------- Setup COMPLETE. client#
示例 22–5 使用命令行覆盖项自动配置 Kerberos 客户机
以下示例将覆盖在安装配置文件中设置的 DNSARG 和 KDC 参数。
# /usr/sbin/kclient -p /net/kdc1.example.com/export/install/krb5.conf\ -d dns_fallback -k kdc2.example.com Starting client setup --------------------------------------------------- kdc1.example.com Setting up /etc/krb5/krb5.conf. Obtaining TGT for clntconfig/admin ... Password for clntconfig/admin@EXAMPLE.COM: <Type the password> nfs/client.example.com entry ADDED to KDC database. nfs/client.example.com entry ADDED to keytab. host/client.example.com entry ADDED to KDC database. host/client.example.com entry ADDED to keytab. Copied /net/kdc1.example.com/export/install/krb5.conf. --------------------------------------------------- Setup COMPLETE. client# |
- © 2010, Oracle Corporation and/or its affiliates