| FreeTDS User Guide: A Guide to Installing, Configuring, and Running FreeTDS | ||
|---|---|---|
| Prev | Chapter 5. Advanced Configurations | Next |
Perhaps surprisingly, [1] Kerberos can be used to authenticate to Microsoft SQL Servers. This affords single-signon (or, at most, "double-signon") capability in non-Windows environment.
To take advantage of Kerberos you have to set up your machine with keytab [2] from your Active Directory. You could use Samba or configure Kerberos directly (/etc/krb5.conf). configure includes options to define the location of your Kerberos installation (cf. Options to configure).
By default UNIX does not initialize a Kerberos ticket with your login account. You must use kinit to initialize a ticket. You could also configure Kerberos in PAM to initialize a Kerberos ticket at login time.
| [1] | It works because much of Active Directory is based on Kerberos. From each according to his ability; to each according to his needs. |
| [2] | No, the author does not really know what he's talking about. |