I've setup a kdc server and I'm able to kinit from my client and get a
ticket for ssh, nfs. I am having trouble setting up sssd so I can skip
kinit. I only setup a kerberos server do I also need a ldap server?
This is how I configured PAM: #authconfig --enablesssd --enablesssdauth
--enablekrb5 --update
I'm sure not one line of my sssd.conf file is right.
[sssd]
services = nss, pam
config_file_version = 2
reconnection_retries = 3
sbus_timeout = 30
[nss]
filter_groups = root
filter_users = root
[pam]
reconnection_retries = 3
offline_credentials_expiration = 2
offline_failed_login_attempts = 3
offline_failed_login_delay = 5
[domain/kerberos]
id_provider = proxy
proxy_lib_name = false
auth_provider = krb5
chpass_provider = krb5
krb5_realm = MONTCLAIRE.LOCAL
krb5_server = panther.montclaire.local
cache_credentials = True
krb5_store_password_if_offline = True