Kerberos Support

Perhaps surprisingly, Kerberos can be used to authenticate to Microsoft SQL Servers. [1] This affords single-signon (or, at most, "double-signon") capability in non-Windows environment.

To take advantage of Kerberos you have to set up your machine with keytab [2] from your Active Directory. You could use Samba or configure Kerberos directly (/etc/krb5.conf). configure includes options to define the location of your Kerberos installation (cf. Options to configure).

By default UNIX does not initialize a Kerberos ticket with your login account. You must use kinit to initialize a ticket. You could also configure Kerberos in PAM to initialize a Kerberos ticket at login time.



It works because much of Active Directory is based on Kerberos. From each according to his ability; to each according to his needs.


No, the author does not really know what he's talking about.