The intent of this document to is record one method of enabling Kerberos logins on a CentOS 7 system using Windows Active Directory. There are many way to do this. For a very detailed document on all of these options, check out the Red Hat Enterprise Linux 7 Windows Integration Guide.
Note: At the time of this writing, a kickstart installation does not work correctly, possibly due to using an older version of adcli. The
/etc/krb5.keytab
file ends up containing entries that look likeHOST/hostname.domain.com@DOMAIN.COM
which is not what sshd is expecting. The sshd service is expecting entrieds that look likehost/hostname.domain.com@DOMAIN.COM
. This causes ssh Kerberos logins to fail, printingNo key table entry found matching host/hostname.domain.com@
in the error log.