How to implement add-bu-user

add-bu-user is a  simple command-line tool for the creation of user accounts which conform to the Boston University Global UID system.   This tool performs a ph lookup of the user  in order to find their Global UID, and then adds a local account with this information.

You can add-bu-user and install them in the directories shown below.

  • 4 -rw-r–r–. 1 root root  2102 Aug  5  /usr/lib/python2.7/site-packages/BULookup.py
  • 4-rw-r–r–. 1 root root  4123 Aug  5  /usr/lib/python2.7/sitepackages/phquery.py
  • 16 -rwxr-xr-x. 1 root root 13049   /usr/sbin/add-bu-user

How to implement Kerberos

To modify the krb5.conf.orig file that comes with CentOS 7

  1. Insert the following three lines in the “libdefaults” section:
    dns_lookup_kdc = false
    allow_weak_crypto = true
    default_realm = bu.edu

  2. Replace the commented lines under the “realms” section with the following:
    bu.edu = {
    kdc = kerberos1.bu.edu
    kdc = kerberos2.bu.edu
    kdc = kerberos3.bu.edu
    admin_server = kerberos.bu.edu
    }

    AD.BU.EDU = {
    kdc = ist-adc1.bu.edu.
    kdc = ist-adc2.bu.edu.
    kdc = ist-adc3.bu.edu.
    kdc = ist-adc4.bu.edu.
    kdc = ist-adc5.bu.edu.
    }

  3. Replace the commented lines under the “domain_realm” section with the following:
    .bu.edu = bu.edu
    bu.edu = bu.edu
    .ad.bu.edu = AD.BU.EDU
    ad.bu.edu = AD.BU.EDU

  4. You may also append this “appdefaults” section to your krb5.conf:
    [appdefaults]
    pam = {
    minimum_uid = 3000
    }

Visit http://www.bu.edu/tech/services/support/desktop/distribution/linux-at-bu/ find additional information on this topic.