Kerberos-Gssapi-ldap-pam interaction

Turbo Fredriksson turbo at bayour.com
Wed May 14 09:06:32 EDT 2003


>>>>> "Jerome" == Jerome Walter <walter+SP at M.efrei.fr> writes:

    Jerome> But, trying to get accounting info in the LDAP server is
    Jerome> quite more complicated. I tried different configurations
    Jerome> with nss, pam_ldap and pam.d config files but did not
    Jerome> manage to get the account required pam_ldap.so working:
    Jerome> Insufficient credentials to access authentiation data

What is saying 'Insufficient credentials'? PAM/LDAP? Login?

    Jerome> Is there someone who have ever installed such a config ?

On a NUMBER of machines. Rocks MY world! :)

    Jerome> could you give me advices about how to configure things up
    Jerome> ?

http://www.bayour.com/LDAPv3-HOWTO.html

    Jerome> In a near future i sould try OpenAFS, is there something
    Jerome> special i sould not do ?

Get Kerberos working fully and learn how to administrate the whole
shebang (LDAP, Kerberos etc) :)

    Jerome> Finally, is there something special to do to make sudo and
    Jerome> ssh not requiring entering the password again ?
    Jerome> try_first_pass does not seem to work...

I don't care. I use 'ksu' instead :)

If you want to do ssh, use the package 'ssh-krb5'. It's in woody...


More information about the Kerberos mailing list