PAM hangs after authenticating against 2003 AD
senseiwa at mac.com
Wed Aug 9 13:58:17 EDT 2006
On 2006-08-09 12:21:56 +0200, "Jesper Angelo" <dkguru at gmail.com> said:
> Account: newbie ( Created on both AD and local (/etc/passwd) )
Well, what I intended was to create a local user and then kinit to a
principal. So on unix ``localuser'' and on AD ``aduser''.
> Login with pam_unix yields: [...]
> Aug 9 11:51:11 localhost login: pam_krb5: pam_sm_setcred(login
> newbie): exit: failure
Remove the pam module from the configuration, and login /locally/. You
have a kerberos trouble probably.
> Then i kinit... AD says its a success and I get ticket (and it doesnt
> get deleted for a loong time).
> Funny enough - logfile shows nothing :-/ (Even if I kdestory followed
> by kinit...)
These applications don't log, sorry.
> The login freezes in the sense that nothing happens. If I press CTRL-C,
> it exits back to prompt.
> I seems like it authorizes, and then dont know what to do next, thus
> times out after 60 seconds...?
> hope it makes sense :-)
Clear the auth log and login as I said /locally/ with a /pure/ /local/
user. See what happens working with this user. If you can work and
you're not kicked out, then kinit to a principal, noting what klist
(klist -aef --- if you want).
Then, if you /can/ kinit /and/ work with a local user, post the pam and
kerberos configuration files.
Sensei <senseiwa at mac.com>
The optimist thinks this is the best of all possible worlds.
The pessimist fears it is true. [J. Robert Oppenheimer]
More information about the Kerberos