PAM_KRB5 Issue

Norbert Klasen norbert.klasen at avinci.de
Tue Sep 21 05:00:34 EDT 2004



--On Montag, 20. September 2004 11:14 -0700 Tyson Oswald 
<oswaldt at ameritech.net> wrote:

>
>
> Norbert Klasen <norbert.klasen at avinci.de> wrote:
>
>
> --On Freitag, 17. September 2004 10:26 -0700 Tyson Oswald
> wrote:
>
>> I have successfully gotten SEAM -> AD to work on our Solaris 8 machines,
>> and am now trying to get it to work on our Solaris 9 servers. I have
>> set up the krb5.conf file exactly the same. I am unable to log in with
>> my AD credentials. I find this error in /var/adm/messages
>>
>> PAM_KRB5 (auth): error reading service ticket (authentication failed):
>> No such file or directory
>>
>> I also get an error referring to not being able to find the
>> credentials for the host on the default keytab file which I don't
>> understand, as I do not have a KDC server set up.
>
> Do you have an entry for the "host" principal in the system's keytab?
> Does the system's keytab (usually /etc/krb5.keytab) exist at all?
>
> Norbert
>
>
> I do not actually.  I never had to do that with Solaris 8, so I was
> wondering.  I'm in the process of getting user IDs created in AD for the
> system.

The Solaris 9 module verifies the TGT. See 
<http://docs.sun.com/db/doc/817-3946/6mjgmt4nd?q=pam_krb5&a=view>. Probably 
Solaris 8 didn't do this.

Norbert

