I have recently found out that GNOME Online Accounts now support Kerberos authentication. I assume this might be interesting for many people who use GNOME in an corporate environment, so I decided to spend a few words about it here.
The setup is as simple as it can get. You just add a new Kerberos account in GNOME Online Accounts and provide a domain name, your user name and a password. Then you see this:
Every time you boot your computer now, you will also receive a Kerberos ticket. Awesome!
Unfortunately, the world is not perfect, and neither is GNOME Online Accounts. So there are a few annoying problems:
- Your computer has to boot inside the company network. If you connect to the network afterwards, you will not receive the Kerberos ticket.
- You can’t use the ON-OFF slider the force a ticket retrieval, because GNOME Online Accounts crashes. So back to kinit in this case.
Let’s hope these problems will be ironed out in GNOME 3.8, currently it’s just a half-baked solution. But it’s definitely better than having nothing at all.