On Thu, Apr 11, 2013 at 10:30:26PM -0700, Jason Bishop wrote:Do I get it right that only the head node has a ketab?
> hi errbody, i may have an easy question, but i haven't found anything in
> the documentation which describes my use-case exactly. i hope you can help.
> my environment is kerberos for authentication and kerberos using
> host-keytab for ldap binds. sssd is working fine for this setup. the
> wrinkle is that i am trying to get this to work on a (Rocks) hpc cluster
> where i have kerberos running on headnode but not the compute nodes.
Can you just use anonymous LDAP binds on the other nodes?
> i am hoping that i can use the sssd config with kerberos authentication on
> the head node and have a simpler setup for the compute nodes. since ssh
> public keys are used for authentication on compute nodes, i really only
> need user and group enumeration working there. is there a simple way to
> get user list from sssd on head node for use on compute nodes?
> thank u
sssd-users mailing list