Cross Realm MIT <-> Windows Close But No Cigar
Christopher D. Clausen
cclausen at acm.org
Thu May 3 22:39:31 EDT 2007
Michael B Allen <mba2000 at ioplex.com> wrote:
> On Thu, 3 May 2007 20:31:55 -0500
> "Christopher D. Clausen" <cclausen at acm.org> wrote:
>> Try creating a ~/.k5login file in the home directory of
>> the user you are logging in as listing authorized Kerberos
>> principals, one per line.
>
> That was it! SSH now works cross realm. I was clueless about .k5login.
You can use an auth_to_local rule in krb5.conf instead. Search this
list for a post a few weeks back for some to try.
> Now I wonder what smbclient's problem is with the bad echo'd
> signatures. Wheres Andrew Bartlett when you need him ...
After I broke AD.UIUC.EDU (yes, campus wide) several years ago using
samba, I haven't touched it. But I suspect that is a question for a
samba list. I assume you have looked at the KDC logs and possible some
network traces to try and figure out what is going on?
> Mmm, UIUC. I have droves of family in Champaign.
I don't. Thats why I moved here :-)
<<CDC
More information about the Kerberos
mailing list