I am currently trying to set up kerberos authentication for IcingaWeb2. By now, I got the authentication process up and running, and I can log in to Icingaweb2 with my AD credentials. Anyways, Icingaweb shows me an empty dashboard with no accessible date once I am logged in, since there are no user/group policies active for the new user on first login.
I found the workaround of explicitly creating a user with the AD user’s name and attributing him the right policies before logging in to be working, but this is not a very satisfying way of handling this.
So my question would be, is there a way to e.g. allow users logging in via kerberos certain default permissions?