Go to main content

Managing Kerberos in Oracle® Solaris 11.4

Exit Print View

Updated: August 2020
 
 

How to Create a Kerberos Client Installation Profile

This procedure creates a kclient profile that can be used when you install a Kerberos client. By using the profile, you reduce the likelihood of typing errors. Also, using the profile reduces user intervention as compared to the interactive process.


Note -  To create systems that initially boot as fully configured Kerberos clients, see Configuring Security in Installing Oracle Solaris 11.2 Systems .

Before You Begin

A KDC server is installed and configured.

The security/kerberos-5 package must be on your system. If you installed the security/kerberos-5/kdc package, the kerberos-5 package with the client features is installed.

You must assume the root role. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.

  1. Create a kclient installation profile.

    The following is a sample kclient profile:

    client# pfedit kcprofile
    REALM EXAMPLE.COM
    KDC kdc1.example.com
    ADMIN clntconfig
    FILEPATH /net/denver.example.com/export/install/krb5.conf
    NFS 1
    DNSLOOKUP none
  2. Protect the file and store it for use by other clients.
    client# cp kcprofile /net/denver.example.com/export/install
    denver# chown root kcprofile; chmod 644 kcprofile