IMPORTANT: NMAS Kerberos Method does not work with Novell Kerberos KDC. If NMAS Kerberos Method is already installed, do not install Novell Kerberos KDC on the same tree. This is because NMAS Kerberos Method and Novell Kerberos KDC use different Kerberos libraries that are not compatible with each other. Shortly, the NMAS Kerberos Method will be patched to work with Novell Kerberos KDC.
Download the NovellKDC.tar.gz file from the Novell download site.
Unzip and untar the tarfile using the following command:
tar -zxvf NovellKDC.tar.gz
The NovellKerberosKDC directory is created in the untarred path.
Execute the following command from the untarred_path/ NovellKerberosKDC/setup directory:
./kdc-install
You can install Novell Kerberos KDC in unattended mode. In this mode, the kdc-install utility installs Novell Kerberos KDC without user intervention. To do this, enter the following:
./kdc-install -u
kdc-install checks for eDirectory installation on your system and installs the components accordingly. Refer to the list of components in Step 5 for more information.
Read and accept the license agreement.
(Conditional) Select the components you want to install.
In Step 3, if you had chosen to install Novell Kerberos KDC in the unattended mode (kdc-install -u), you will not be prompted to select the components.
The kdc-install utility checks for eDirectory installation on the system.
%% List of install options
%% 1.Install KDC
%% 2.Install Admin Server
%% 3.Install Password Server
%% 4.Install Kerberos Clients
%% 5.Install Password Agent
%% 6.Install LDAP Extension
%% 7.Install ALL Packages
%% Select the packages you wish to install [?, q]:
%% List of install options
%% 1.Install KDC
%% 2.Install Admin Server
%% 3.Install Password Server
%% 4.Install Kerberos Clients
%% 5.Install ALL Packages
%% Select the packages you wish to install [?, q]:
You can install KDC, Admin server, Password server, and eDirectory on different machines.
The Kerberos LDAP Extension must be installed on all the eDirectory servers that will be accessed by the Kerberos services.
The Kerberos Password Agent must be installed on all the eDirectory servers (with writable replicas), which the users will be using for changing their passwords.
(Conditional) If prompted confirm whether you want to upgrade the version of NICI.
kdc-install installs NICI 2.6.7.
You are prompted to upgrade, if the NICI version present on your system is older than 2.6.7. If you do not have NICI installed, install proceeds with the NICI installation without prompting.
IMPORTANT: If you upgrade NICI to 2.6.7, other products that use NICI may be affected.