Pam kerberos vs. Kinit
Wyllys Ingersoll
wyllys.ingersoll at sun.com
Fri Mar 18 08:10:39 EST 2005
Douglas E. Engert wrote:
> >
> > I've just run another test and discovered that I can successfully
> > log into the host initially (via PAM kerberos library and SSH), and
> > I don't get error 52. I've got a ticket in my cache and
> > everything. Kerb error 52 only occurs if I'm using kinit from the
> > shell.
>
>
> You could be right on the cut over point, and maybe addressless vs
> with address tickets keep the ticket just small enough.
When the client does not do pre-authentication, does AD still
send PAC data? I thought it did not, but I'm not certain.
-Wyllys
More information about the Kerberos
mailing list