In previous versions of Mac OS X, one could enable Kerberos authentication when a user logs in by following a support document.
Specifically, this document explains that the file /etc/pam.d/authorization needs to be edited to enable this. After upgrading to Mac OS X10.10, this file no longer exists, and there is no update to the KB article.
Is there a new (and better?) way to enable this feature?
https://wiki.ncsa.illinois.edu/display/ITS/Kerberos+on+Mac+OS+X+10.7+and+later
I used this howto sited above and others like it on my yosemite workstation. I have a centos7 server with IPA on virtual box and kinit and klist work. I ssh'd afterwards and wasn't automatically ssh'd into the centos/ipa server on the virtual box guest verifying sso. This was my first setup and I didn't do the ipa install with bind.
This was all done from my mbp. I also have yosemite server installed, so I don't know if that is why I have the files or not. I made backups of the originals and edited accordingly to the link above. Good luck! :D
It is working for me on 10.10.0, and those directories exist for me.
I'm also using the Heimdal implementation but on OpenBSD.
