Enroll Mac in Kerberos: Difference between revisions

Enroll Mac in Kerberos (view source)

Revision as of 06:22, 21 January 2025

12 bytes removed , 21 January

no edit summary

Thexa4

Bureaucrats, Interface administrators, Administrators

167

edits

@@ Line 7: / Line 7: @@
 # Download the ca.crt from the debian-delftsolutions-auth repository and place it in /etc/ipa/ca.crt
 # As your normal user, create the certificates folder: mkdir ~/Library/IPA; chmod 700 ~/Library/IPA
-# Create a certificate request, entering your username for the Common Name and a single dot for the other fields: openssl req -newkey rsa:4096 -nodes -keyout ~/Library/IPA/laptop.key -out ~/Library/IPA/laptop.csr
+# Create a certificate request, entering your username for the Common Name and a single dot for the other fields: openssl req -newkey rsa:4096 -nodes -keyout ~/Library/IPA/user.key -out ~/Library/IPA/user.csr
 # Go to your user in IPA
 # Click on Actions > New Certificate
 # CA = ipa
 # Profile ID = caIPAserviceCert
-# Paste the contents of this command into the big textfield: cat ~/Library/IPA/laptop.csr
+# Paste the contents of this command into the big textfield: cat ~/Library/IPA/user.csr
 # Request the certificate
-# Store the resulting certificate in ~/Library/IPA/laptop.crt
+# Store the resulting certificate in ~/Library/IPA/user.crt
 # Add the following lines to your ~/.bash_profile. Make sure to replace <mac_username> with your Mac username and <ipa_username> with your IPA username!
-## alias ds_pkinit="kinit -C FILE:/Users/<mac_username>/Library/IPA/laptop.crt,/Users/<mac_username>/Library/IPA/laptop.key --keychain <ipa_username>"
+## alias ds_pkinit="kinit -C FILE:/Users/<mac_username>/Library/IPA/user.crt,/Users/<mac_username>/Library/IPA/user.key --keychain <ipa_username>"
 ## ds_pkinit & disown

Enroll Mac in Kerberos: Difference between revisions

Enroll Mac in Kerberos (view source)

Revision as of 06:22, 21 January 2025

Navigation menu

Search