Questo contenuto non è disponibile nella lingua selezionata.

Chapter 2. Configuring System Authentication


Authentication is the process in which a user is identified and verified to a system. It requires presenting some sort of identity and credentials, such as a user name and password. The system then compares the credentials against the configured authentication service. If the credentials match and the user account is active, then the user is authenticated.
Once a user is authenticated, the information is passed to the access control service to determine what the user is permitted to do. Those are the resources the user is authorized to access. Note that authentication and authorization are two separate processes.
The system must have a configured list of valid account databases for it to check for user authentication. The information to verify the user can be located on the local system or the local system can reference a user database on a remote system, such as LDAP or Kerberos. A local system can use a variety of different data stores for user information, including Lightweight Directory Access Protocol (LDAP), Network Information Service (NIS), and Winbind. Both LDAP and NIS data stores can use Kerberos to authenticate users.
For convenience and potentially part of single sign-on, Red Hat Enterprise Linux can use the System Security Services Daemon (SSSD) as a central daemon to authenticate the user to different identity back ends or even to ask for a ticket-granting ticket (TGT) for the user. SSSD can interact with LDAP, Kerberos, and external applications to verify user credentials.
This chapter explains what tools are available in Red Hat Enterprise Linux for configuring system authentication:

2.1. Identity Management Tools for System Authentication

You can use the ipa-client-install utility and the realmd system to automatically configure system authentication on Identity Management machines.
ipa-client-install
The ipa-client-install utility configures a system to join the Identity Management domain as a client machine. For more information about ipa-client-install, see the Installing a Client in the Linux Domain Identity, Authentication, and Policy Guide.
Note that for Identity Management systems, ipa-client-install is preferred over realmd.
realmd
The realmd system joins a machine to an identity domain, such as an Identity Management or Active Directory domain. For more information about realmd, see the Using realmd to Connect to an Active Directory Domain section in the Windows Integration Guide.
Red Hat logoGithubRedditYoutubeTwitter

Formazione

Prova, acquista e vendi

Community

Informazioni sulla documentazione di Red Hat

Aiutiamo gli utenti Red Hat a innovarsi e raggiungere i propri obiettivi con i nostri prodotti e servizi grazie a contenuti di cui possono fidarsi.

Rendiamo l’open source più inclusivo

Red Hat si impegna a sostituire il linguaggio problematico nel codice, nella documentazione e nelle proprietà web. Per maggiori dettagli, visita ilBlog di Red Hat.

Informazioni su Red Hat

Forniamo soluzioni consolidate che rendono più semplice per le aziende lavorare su piattaforme e ambienti diversi, dal datacenter centrale all'edge della rete.

© 2024 Red Hat, Inc.