domain trusts => saslauthd
kerberos@mynx.org
kerberos at mynx.org
Mon Sep 24 09:36:55 EDT 2007
hello folks,
I'm not quite sure if this fits in here, but anyway maybe some one can
help me.
I got a problem with domain trusts and saslauthd.
To be specific, I got a kerberos domain(UNIX.SAMPLE.COM) and an active
directory domain(WIN.SAMPLE.COM).
I made an one way trust, so windows user can login onto the unix hosts.
On the unix shell kinit user at WIN.SAMPLE.COM is working.
But if I do the same with testsaslauthd -u user -p password -r WIN.SAMPLE.COM
i'm getting 0: NO "authentication failed"
logs are filled with...
syslog:
Sep 24 15:28:29 host01 saslauthd[4265]: auth_krb5: k5support_verify_tgt
Sep 24 15:28:29 host01 saslauthd[4265]: do_auth : auth
failure: [user=user] [service=imap] [realm=WIN.SAMPLE.COM]
[mech=kerberos5] [reason=saslauthd internal error]
krb5kdc.log:
Sep 24 15:28:29 host01.unix.sample.com krb5kdc[4634](info): TGS_REQ (7
etypes {18 17 16 23 1 3 2}) 192.168.2.10: PROCESS_TGS: authtime 0,
<unknown client> for host/host01.unix.sample.com at UNIX.SAMPLE.COM, Key
table entry not found
Sep 24 15:28:29 host01.unix.sample.com krb5kdc[4634](info): TGS_REQ (7
etypes {18 17 16 23 1 3 2}) 192.168.2.10: PROCESS_TGS: authtime 0,
<unknown client> for host/host01.unix.sample.com at UNIX.SAMPLE.COM, Key
table entry not found
any ideas?
regards
Rainhard
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
More information about the Kerberos
mailing list