Kerberizing services available in an IdM domain- how to add a service

Latest response

If I am reading the Identity Management guide correctly, all services available in a IdM domain are by default subjected to Kerberos ticketing. If I am reading it wrong, how do you add a new service to Kerberos within the IdM domain? Is it any different than adding a service to be ticketed by a stand-alone KDC (creating a principal for that service)?
Let's say I decided to have an NFS server within an IdM domain but I haven't touched anything Kerberos- related in that domain. Will the NFS service automatically be Kerberized without me needing to add it as a new principal?

Responses

Hi Varelov

No, you need to explicitly add service ticket for NFS servers to be able to use kerberos authentication.

Something like this from IPA server:

ipa service-add nfs/hostname.example.com

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.