SEAM and native pam_krb5 with AD

melissa_benkyo wyl_lyf at yahoo.com
Thu Apr 22 09:30:31 EDT 2004


helloo!!!

good morning. it's another day and another problem for me. hehehe :)
thanks for all the help. I've figured out why its being sent in the
clear might be because I'm snooping from my workstation. thanks for
the info. I thought I'm on my way to become a great hacker. :D

here's another problem I'm encountered. Okay, now after much much
research and everybody telling me that SEAM doesn't support kerberos
API. I'm going for PAM API. First stop, I'm trying to setup the
current service (i.e. login) to use pam_krb5. There are actually 2
types of pam_krb5 on my 2 solaris machines. I don't know if the 2001
version is good enough or it needs a patch.
1) What is the working pam_krb5 or stable pam_krb5? Do I need to
download anything from the web?
2) There are a bunch of # commented stuff for pam_krb5 on the pam.conf
and I uncomment it. but there is no effect, I couldn't log in. I've
already added the solaris machine to the AD, ftped the keytab and
wrote the keytab on my solaris machine. I also added the user on my
/etc/passwd and /etc/shadow with the *K* for the AD user. So now I'm
not sure what could be the problemo.

any ideas? 

thanks again guys! this is really a learning adventure. :D


More information about the Kerberos mailing list