Configuring Kerberos authentication on Red Hat Enterprise Linux 8 or later
To ensure secure communication between the Linux BigFix server and Active Directory, use the Kerberos protocol.
To integrate the Linux BigFix server with the Windows Active Directory domain using LDAP
with Kerberos authentication, perform the following steps:
- Ensure that the host names are set correctly in both the Linux BigFix server and the Active Directory server.
- Manually configure the krb5.conf file.
Preliminary checks
Before running the integration between the BigFix server running on a Red Hat Enterprise
Linux 8 or later system and the Active Directory server, ensure the following.
- Red Hat Enterprise Linux is at release 8.9 or higher.
- The DNS host names of both the Red Hat Enterprise Linux and the Active Directory server are resolved correctly.
Manually configure krb5.conf file
Edit the /etc/krb5.conf file and add the following lines, replacing
"TEM.TEST.COM", "tem.test.com" and "myHostName.tem.test.com" with the domain and
hostname in your environment (note that the case must be respected).
Remember to specify the ports for the "kdc" and "admin_server" values if you are not
using the default values (88 and 749, respectively):
[libdefaults]
    default_realm = TEM.TEST.COM
[realms]
    TEM.TEST.COM = {
        kdc = myHostName.tem.test.com
        admin_server = myHostName.tem.test.com
    }
[domain_realm]
    tem.test.com = TEM.TEST.COM
    .tem.test.com = TEM.TEST.COM
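The following consistency check for the edited file is an added example, not part of the BigFix documentation or product. It flags realm names that do not match in case and lists the effective KDC and admin server ports. The function names `parse_krb5` and `lint_krb5` are hypothetical, and the sample input is constructed from the values above with `default_realm` deliberately typed in lower case.

```python
import re

# Constructed sample: the page's values, default_realm in the wrong case, custom admin port.
SAMPLE = """\
[libdefaults]
default_realm = tem.test.com
[realms]
TEM.TEST.COM = {
    kdc = myHostName.tem.test.com
    admin_server = myHostName.tem.test.com:8749
}
[domain_realm]
tem.test.com = TEM.TEST.COM
.tem.test.com = TEM.TEST.COM
"""

def parse_krb5(text):
    """Parse the subset of krb5.conf syntax used on this page into nested dicts."""
    conf, section, block = {}, None, None
    for line in (raw.strip() for raw in text.splitlines()):
        header = re.fullmatch(r"\[(\w+)\]", line)
        if header:
            section, block = conf.setdefault(header.group(1), {}), None
        elif line == "}":
            block = None
        elif "=" in line and section is not None and line[0] not in "#;":
            key, value = (part.strip() for part in line.split("=", 1))
            if value == "{":
                block = section.setdefault(key, {})
            else:
                (section if block is None else block).setdefault(key, []).append(value)
    return conf

def lint_krb5(text):
    """Return (findings, endpoints); endpoints are (realm, role, host, port) tuples."""
    conf, findings, endpoints = parse_krb5(text), [], []
    realms = conf.get("realms", {})
    default = conf.get("libdefaults", {}).get("default_realm", [None])[0]
    if default not in realms:  # realm names are compared case-sensitively
        findings.append(f"default_realm {default!r} has no exact-case entry in [realms]")
    for domain, values in conf.get("domain_realm", {}).items():
        if values[0] not in realms:
            findings.append(f"[domain_realm] {domain} maps to undefined realm {values[0]!r}")
    for realm, body in realms.items():
        for role, default_port in (("kdc", 88), ("admin_server", 749)):
            for host in body.get(role, []):  # assumes host[:port], no IPv6 literals
                name, _, port = host.partition(":")
                endpoints.append((realm, role, name, int(port or default_port)))
    return findings, endpoints
```

To check the real file, pass the contents of /etc/krb5.conf to `lint_krb5` and compare the returned ports with what the firewall between the BigFix server and the domain controller allows.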