Authenticate RHEL 5 and 6 SSSD Using Kerberos and LDAP Against Active Directory on Windows Server 2008 R2

Published January 30, 2014 • Updated May 8, 2017

SSSD brought several authentication and authorization protocols under one roof.

Despite that, it can be tricky to configure RHEL 5 and 6 systems to authenticate with SSSD using Kerberos and LDAP against an Active Directory server. This post details the steps I took to set everything up.

Continue reading...

Linux Restrict Server Login via LDAP hostObject objectClass and host Attribute

Published February 1, 2013 • Updated January 10, 2019

It is possible to restrict Linux server login via LDAP by using the hostObject objectClass and host attribute.

Each LDAP user that you want to restrict login access to should have the hostObject objectClass so the host attribute becomes available to that LDAP user. Each LDAP user will have as many host attributes as there are servers that user needs access to.

Continue reading...