From 160692e00aac059bfdb5e60b8ded349feaaede55 Mon Sep 17 00:00:00 2001 From: jbjohnso Date: Tue, 24 Aug 2010 15:35:32 +0000 Subject: [PATCH] -Fix AD support for RHEL6 deployed nodes git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@7203 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd --- xCAT-server/share/xcat/install/rh/compute_domain.rhel6.tmpl | 1 + xCAT/postscripts/joindomain | 5 +++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/xCAT-server/share/xcat/install/rh/compute_domain.rhel6.tmpl b/xCAT-server/share/xcat/install/rh/compute_domain.rhel6.tmpl index 74b6c4b0f..2a37d3eb4 100644 --- a/xCAT-server/share/xcat/install/rh/compute_domain.rhel6.tmpl +++ b/xCAT-server/share/xcat/install/rh/compute_domain.rhel6.tmpl @@ -143,6 +143,7 @@ reboot pam_krb5 krb5-workstation nss-pam-ldapd +cyrus-sasl-gssapi %pre #INCLUDE:#ENV:XCATROOT#/share/xcat/install/scripts/pre.rh# %post diff --git a/xCAT/postscripts/joindomain b/xCAT/postscripts/joindomain index ca717fdbc..62588594f 100644 --- a/xCAT/postscripts/joindomain +++ b/xCAT/postscripts/joindomain @@ -26,9 +26,10 @@ if [ "$OSVER" = "rhels6" ]; then echo sasl_mech GSSAPI >> /etc/nslcd.conf echo sasl_secprops maxssf=0 >> /etc/nslcd.conf echo krb5_ccname /var/run/ldap_krb5cc >> /etc/nslcd.conf + sed -i '/# Mappings for Active Directory/,/^[^#]/ s/^#\([^ ]\)/\1/' /etc/nslcd.conf authconfig --update --enableldap --ldapserver=$LDAPSRV --ldapbasedn=$LDAPBASEDN - echo 'kinit -c /var/run/ldap_krb5cc < /etc/krb5.hostpass' >> /etc/rc.local - echo 'kinit -c /var/run/ldap_krb5cc < /etc/krb5.hostpass' >> /etc/cron.hourly/nslcdkrb.cron + echo 'kinit '$HOSTPRINC'-c /var/run/ldap_krb5cc < /etc/krb5.hostpass >& /dev/null' >> /etc/rc.local + echo 'kinit '$HOSTPRINC'-c /var/run/ldap_krb5cc < /etc/krb5.hostpass >& /dev/null' >> /etc/cron.hourly/nslcdkrb.cron chmod +x /etc/cron.hourly/nslcdkrb.cron fi #TODO: SLES/maybe RHEL5. Uncomfortable with libnss_ldap without root_krb5_ccname, ldap needs diff credentials per user