PAM_KRB5 Issue

Norbert Klasen norbert.klasen at
Tue Sep 21 05:00:34 EDT 2004

--On Montag, 20. September 2004 11:14 -0700 Tyson Oswald 
<oswaldt at> wrote:

> Norbert Klasen <norbert.klasen at> wrote:
> --On Freitag, 17. September 2004 10:26 -0700 Tyson Oswald
> wrote:
>> I have successult gotten SEAM -> AD to work on our Solaris 8 machines,
>> and am now trying to get it to work on our Solaris 9 servers. I have
>> setup the krb5.conf file exactly the same. I am unable to login with
>> my AD crednetials. I find this error in /var/adm/messages
>> PAM_KRB5 (auth): error reading service ticket (authentication failed):
>> No such file or directory
>> I also get an error referring to a not being able to fine the
>> credentials for the host on the default keytab file which I don't
>> understand, as I do not have a KDC server setup.
> Do you have an entry for the "host" principal in the system's keytab?
> Does  the system's keytab (usually /etc/krb5.keytab) exists at all?
> Norbert
> I do not actually.  I never had to do that with Solaris 8, so I was
> wondering.  I'm in the process of gettign user IDs created in AD for the
> system.

The Solaris 9 module verifies the tgt. See 
<>. Probably 
Solaris 8 didn't do this.


More information about the Kerberos mailing list