PAM hangs after authenticating against 2003 AD

Sensei senseiwa at
Wed Aug 9 13:58:17 EDT 2006

On 2006-08-09 12:21:56 +0200, "Jesper Angelo" <dkguru at> said:

> Account: newbie ( Created on both AD and local (/etc/passwd) )

Well, what I intended was to create a local user and then kinit to a 
principal. So on unix ``localuser'' and on AD ``aduser''.

> Login with pam_unix yields: [...]
> Aug  9 11:51:11 localhost login[15519]: pam_krb5: pam_sm_setcred(login
> newbie): exit: failure

Remove the pam module from the configuration, and login /locally/. You 
have a kerberos trouble probably.

> Then i kinit... AD says its a success and I get ticket (and it doesnt
> get deleted for a loong time).
> Funny enough - logfile shows nothing :-/ (Even if I kdestory followed
> by kinit...)

These applications don't log, sorry.

> The login freezes in the sense that nothing happens. If I press CTRL-C,
> it exits back to prompt.


> I seems like it authorizes, and then dont know what to do next, thus
> times out after 60 seconds...?
> hope it makes sense :-)

Clear the auth log and login as I said /locally/ with a /pure/ /local/ 
user. See what happens working with this user. If you can work and 
you're not kicked out, then kinit to a principal, noting what klist 
(klist -aef --- if you want).

Then, if you /can/ kinit /and/ work with a local user, post the pam and 
kerberos configuration files.

Sensei <senseiwa at>

The optimist thinks this is the best of all possible worlds.
The pessimist fears it is true.      [J. Robert Oppenheimer]

More information about the Kerberos mailing list