SSSD and Kerberos tickets

Christoph Höger choeger at
Tue Aug 17 21:02:18 UTC 2010

> If you had access to the school's LDAP setup (and I suspect they'd tell
> you if you asked) SSSD does what you're looking for internally.

Neither do I have access to that LDAP (though it might be technically
possible to connect to it, this is just not a supported use case) nor do
I want to rely on the it infrastructure of my university for my

> But if I'm understanding you right, you want to just use a local login
> and do a kinit (I don't know what 'kstart' means) when you log in.

This is exactly what I want. It seems like pam usually can do this:

But since fedora ships with a custom /etc/pam.d layout due to sssd
(which, as we discussed, cannot handle that use case), I'd like to know,
if I still (meaning with sssd in place) can apply the above mentioned

Btw: kstart is a kinit replacement that allows running arbitrary
commands after getting tickets.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
Url : 

More information about the users mailing list