I want to make this clear in the first sentence because its biggest chance that people will read it – this article is entirely based on work done by Christian Hofstede-Kuhn (Larvitz) that wrote Integrating FreeBSD 15 with FreeIPA: Native Kerberos and LDAP Authentication recently. Credit goes to him. Besides that I like to share everything that could be useful – I also treat my blog as a place where I keep and maintain my FreeBSD documentation … and I have seen many blogs and sources of knowledge disappear from the Internet over time … and as I use free WordPress tear I am sure this blog (and knowledge) should be here long after I am gone.
So as You see there are several motivations for this:
– Keep and maintain personal version with more code snippets that I can copy/paste fast.
– More detailed commands and outputs.
– Some additional improvements that may be useful – like local console login.
I just hope Christian will not be mad at me for this 🙂
… and I will directly notify him about this article.
First of all – this new method is possible to work because FreeBSD switched from Heimdal Kerberos implementation to MIT Kerberos in FreeBSD 15.0-RELEASE … and I am really glad that FreeBSD finally did it.
As You know I already messed with that topic several times in the past:
All of these previous attempts had many downsides: