Archived - Mac OS X Server 10.5: Creating Service Principal for Podcast Producer in an Open Directory environment
Mac OS X Server 10.5.6 and later support Kerberos single-sign-on for the Podcast service. In order to enable this support in an Open Directory environment you may need to perform the steps in this article.
If you are setting up a new Podcast Producer server in Mac OS X 10.5.6 or later
- If the Podcast Producer server is also the Open Directory Master, no further configuration is necessary.
- If the Podcast Producer server is bound to a separate Open Directory Master, follow the instructions in the section below.
If you are updating an existing Podcast Producer server from Mac OS X 10.5 -10.5.5 to 10.5.6 or later
On the Podcast Producer server, execute the following commands in Terminal. Review all instructions before you begin.
- Establish root access:
(You will be prompted for your administrator account password.)
- Create the pcast service principal:
sso_util configure -r REALM.EXAMPLE.COM -f /LDAPv3/node -a diradmin pcast
(You will be prompted for the Open Directory administrator account password.)
- "REALM.EXAMPLE.COM" is the name of your Kerberos realm, in all capital letters
- "node" is either 127.0.0.1, if the Podcast server is also the Open Directory master, or the hostname of the Open Directory master (as configured in Directory Utility), if it is a different server.
- "diradmin" is the name of the Open Directory administrator account
- Restart the Podcast service:
pcastctl server restart