Linux – Login using Active Directory in Linux using Kerberos 5

active-directory kerberos ldap linux nis

I have a problem with setting up auth for users on Linux (Fedora Core 15 to be exact) using Active Directory on Windows 2008 Server with installed support for UNIX systems. I've successfully set up Kerberos, tested using kinit -p <login> and klist to see the ticket. But I still cannot log in.

To reduce useless answers for me: no Samba, Winbind, Likewise or other software allowed. Only NIS/LDAP allowed.

Clarification: I want to set up a client machine with both local and SSH access.

Update: I configured AD access through LDAP, getent passwd 106289gm and getent shadow give valid responses, but getent group doesn't show any AD groups.

Best Answer

If you want "the easy way" I had some good experiences with system-config-authentication and Winbind doing it the GUI way. Obviously, this is not expressly Kerberos, so downvote me appropriately if you feel inclined. You can do Winbind, but it also expressly allows LDAP if that fits your requirements better. I get an ominous red error about NSS-LDAP libraries,

The /lib64/libnss_ldap.so.2 file was not found, but it is required for LDAP support to work properly. Install the nss-pam-ldapd package, which provides this file.

but I am sure you can install that with yum with a minimal amount of effort. You say you want Kerberos, but then say only NIS/LDAP is allowed. So why not just access AD as if it were LDAP? That is definitely possible in my experience. It also gives you the option of configuring Kerberos. See the screenshot.

[Screenshot: sample screenshot of the GUI utility I am talking about]

Hint, hint, it is Fedora 15, not Fedora Core, and has not been "Core" for quite a while. I will not make jokes about the bloat in relation to the name change (as a pretty dedicated Fedora user myself).
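
Accessing AD "as if it were LDAP" through the nss-pam-ldapd package named in the error above, written out as configuration files. This is an added example, not part of the answer or output of the GUI tool. The host name, DNs, bind account and CA path are placeholders, and the maps assume the AD accounts and groups have their UNIX attributes (uidNumber, gidNumber, unixHomeDirectory) populated.

```conf
# /etc/nsswitch.conf (only the lines that change)
# Identity lookups go to LDAP; authentication stays with Kerberos,
# which the question already has working via kinit.
passwd: files ldap
group:  files ldap

# /etc/nslcd.conf
# Keep this file root-owned with mode 0600: it holds the bind password.
uid nslcd
gid ldap

# Placeholder domain controller. ldaps:// with certificate checking so the
# bind password and directory data are not sent in clear text.
uri ldaps://dc1.example.com/
base dc=example,dc=com
tls_reqcert demand
# Placeholder path to the CA certificate that signed the DC's certificate.
tls_cacertfile /etc/pki/tls/certs/ad-ca.pem

# Placeholder bind account: give it read-only access and nothing else.
binddn cn=nslcd-bind,cn=Users,dc=example,dc=com
bindpw CHANGE_ME

# AD returns results in pages and hands out referrals that nslcd
# should not chase.
pagesize 1000
referrals off

# Users: only accounts that carry UNIX attributes, never computer accounts.
filter passwd (&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*))
map    passwd uid           sAMAccountName
map    passwd homeDirectory unixHomeDirectory
map    passwd gecos         displayName

# Groups: AD uses objectClass=group and stores members as DNs in "member".
# Only groups that have a gidNumber can be returned as POSIX groups.
filter group (&(objectClass=group)(gidNumber=*))
# Needed on nss-pam-ldapd releases that read DN-valued members from
# uniqueMember; releases that already read "member" do not need this line.
map    group uniqueMember member
```

Restart nslcd after editing, then repeat the getent passwd and getent group checks from the question.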