Linux authentication using Kerberos and AD

Gallagher, Kevin K.Gallagher at
Thu Jun 10 11:26:29 EDT 2004

I am trying to establish single sign-on using Linux, AD and Kerberos. I have created a test account in AD which does not exist in either local files or NIS. I have created a keytab file and imported it on my Linux box, and configured both /etc/krb5.conf and /etc/pam.conf for my realm and Kerberos. I can use kinit to authenticate my test account and can see the TGT for my test account as the security principal with klist. However, I can't see the test account with getent passwd, which may explain why I can't log on as the test account. The pam_krb5 error indicates it can't get a uid/gid. I can authenticate if I put a corresponding account in /etc/passwd or NIS, but this defeats the point of the exercise. Can anyone suggest what I may have missed and what needs to be edited in order for getent passwd to work?

Kevin Gallagher
Network Services Group
C & IT
