kerberos with kdap

Turbo Fredriksson turbo at bayour.com
Mon Sep 19 03:21:50 EDT 2005


Quoting Rowan Woodhouse <rowan at decaelo.co.uk>:

> Kerberos auth works fine for local users (ie I can ssh in with a
> kerberos ticket) but if I try the same with a ldap user then it
> fails. If I su to the ldap defined user I get "su: Authentication
> service cannot retrieve authentication info".

Did you update the /etc/pam.d/su file? Should look like the /etc/pam.d/ssh
file...

> The strange thing is
> that if I finger the ldap user I get the normal information back and
> they are also listed when I do a getent passwd.

That's taken care of by the LibNSS/LDAP module so that's 'completely'
different...

> Does anyone have any ideas about what could be causing this?

Check you logs and maybe run su 'within' strace...


More information about the Kerberos mailing list