Tickets accepted upon login but still prompted for password
Rechenberg, Andrew
ARechenberg at shermanfinancialgroup.com
Fri Mar 15 17:29:10 EST 2002
Looking at the code, it looks like if I don't have a .k5login I should be allowed access, but the authorization is failing. Is this a correct assumption?
It's really frustrating because I had this setup working a while ago and now I revisit it and it's not.
-----Original Message-----
From: Donn Cave [mailto:donn at u.washington.edu]
Sent: Friday, March 15, 2002 4:59 PM
To: kerberos at mit.edu
Subject: RE: Tickets accepted upon login but still prompted for password
Quoth bbense at networking.stanford.edu ("Booker C. Bense"):
| On Fri, 15 Mar 2002, Rechenberg, Andrew wrote:
|
| > OK, I put a .k5login file in $HOME and it works, but I don't
| > want to have to do this for 500+ users. :( Any other suggestions?
| >
|
| - You'll need to patch the src code. Look in
|
| http://www.stanford.edu/~bbense/stanford_krb_patches/version1.2.2/lib/krb5/os/kuserok.c
|
| - I'm not sure it's the best way to do it, but that's what
| we do here.
Best way to do what? I see that your patch makes .k5login policy
depend on existence of another file, if absent then .k5login is
required. And the comments explain why. But how would that help
in the present case? I must have missed something about the setup
there - it looked to me like he would want the normal default
behavior from krb5_kuserok(), and I don't see why he would need
.k5login.
Donn Cave, donn at u.washington.edu
________________________________________________
Kerberos mailing list Kerberos at mit.edu
http://mailman.mit.edu/mailman/listinfo/kerberos
More information about the Kerberos
mailing list