Call for Bikeshedding: remote auth at install time

Stef Walter stefw at redhat.com
Wed Jun 5 19:37:46 UTC 2013


On 04.06.2013 17:44, Adam Williamson wrote:
> On Tue, 2013-06-04 at 10:26 -0400, Przemek Klosowski wrote:
> 
>> For what it's worth, remote authentication is increasingly important 
>> where I sit, so everything that makes it easier to set up is welcome. As 
>> of now, my cheat sheet for older Fedoras and RHEL is several pages long 
>> and involves manual reconfiguration of samba/winbind, kerberos and pam 
>> modules--but I haven't tried to do it in F19 yet, either way. What keeps 
>> bugging me is that the whole lashup is fragile and involves magic 
>> ('winbind crashed with no error messages; restart it; oops crashed 
>> again; restart samba maybe; YAY, success, don't touch anything')
>>
>> I would be tickled pink if it's a more supported workflow now. I will 
>> check it out and file bugs or kudos, depending on the outcome.

If you have issues, would love to hear about them. Please CC me on bugs.

If you're interested in getting involved, you can look through the test
cases here:

https://fedoraproject.org/wiki/Test_Day:2013-05-09_SSSD_Improvements_and_AD_Integration

> Well, right now, you're not going to get any further than the cited bug
> report (https://bugzilla.redhat.com/show_bug.cgi?id=965883 ) with
> anaconda / i-s; that's all you get. g-i-s 0.11 should have
> somewhat-working remote auth config support for the first time, though
> as Simo has noted, it is more or less limited to AD and FreeIPA, and it
> hasn't been tested very much at all (because up until 0.11 it was
> utterly broken). Fedora 19 Final TC1 should be the first build with
> g-i-s 0.11.

What does work, and has been tested, is logging in as root and simply
typing this:

realm join mydomain.com

Alternatively, put that command in kickstart.

Use --verbose to see gory details, and --user if necessary.

And then you should be able to use remote authentication and identities.
For now that's with FreeIPA and AD domains, but hopefully we'll be able
to do more later.

Cheers,

Stef


