Product data
232 IBM Systems Director Management Console: Introduction and Overview
Kerberos
SDMC allows for Kerberos authentication. A detailed configuration walkthrough
is out of the scope of this book. Refer to Implementing IBM Systems Director 6.1,
SG24-7694 for a thorough explanation about how to perform this task.
To configure a Kerberos Server for the SDMC on the command line, a user in the
smadmin group can issue the cfgkrb command. A sample output is shown in
Example 9-11.
Example 9-11 Structure of the cfgkrb command
sysadmin@sdmca:~> cfgkrb -o s -r MYREALM.COM -s kerberos.mycompany.com
Operation completed successfully.
Note: A user with LDAP authentication can be created anytime, regardless of
the LDAP client configuration. However, access to the system is denied as
long as the LDAP client for the SDMC is not configured. To avoid unwanted
effects, make sure that the user created has sufficient privileges to access the
SDMC after the LDAP client has been configured because all authentication
and authorization is then switched to LDAP!