beautypg.com

Exacq exacqVision Server/Client OS: Linux OpenLDAP User Manual User Manual

Page 2

background image

www.e

x

acq.com

+1.317.845.5710
+44.1438.310163

USA (Corporate Headquarters)
Europe/Middle East/Asia

Page 2 of 5

12/1/2011


9. If installing an exacqVision server, add a service principal name on the OpenLDAP/Kerberos server for the exacqVision

server. To do this, open a terminal window on the OpenLDAP/Kerberos server and execute the following command (using
your information where appropriate):

sudo kadmin.local
ank –e rc4-hmac:normal EDVR/evserver.exacq.test.com
ktadd –k ./ev.keytab EDVR/evserver.exacq.test.com
quit

NOTE: All text after the forward slash should be lower case, and “EDVR” must be upper case.

10. Copy the keytab file to a location from where it can be installed on the Linux exacqVision Server later in this procedure.

The following steps apply to all situations.

11. Note the fully qualified host name (hostname.primary-dns-suffix) and IP address of the exacqVision server computer that

you will connect to, the OpenLDAP/Kerberos domain, and the fully qualified host name and IP address of the
OpenLDAP/Kerberos server. For example:

evserver.exacq.test.com

192.168.1.16

EXACQ.TEST.COM
kdc.exacq.test.com

192.168.1.70

12. If necessary, install Kerberos. It is recommended that you use MIT Kerberos V5, also known as KRB5. Installing krb5-user

also installs krb5-config, which is valid for all Ubuntu variations. To install KRB5 (or to verify that it is already installed), go to
the Start menu and select System, Administrator, and Symptic Package Manager. Click Reload. Search for krb5-user; if it is
not already checked, install it.

NOTE: If you purchased the system from Exacq after 2009, MIT Kerberos V5 is likely already installed.

13. Make sure the fully qualified host names of the OpenLDAP/Kerberos server and exacqVision server can be resolved. To do

this, open a terminal window, ping the fully qualified host names, and look for a reply. Make sure the IP addresses match
the IP addresses of the servers as noted in the previous step.

NOTE: If the fully qualified host names cannot be resolved for either server, configure your hosts file with the fully qualified
host names, as in the following example:

/etc/hosts
192.168.1.16

evserver.exacq.test.com

192.168.1.70

kdc.exacq.test.com


Alternatively, you can add the OpenLDAP/Kerberos server to the DNS Server list. To do this, go to the Start menu and select
System, Administrators, and Network.

See also other documents in the category Exacq Accessories for video: