---------- Forwarded message ---------- From: Mark Gardner <[email protected]> Date: Thu, Feb 6, 2014 at 12:29 PM Subject: Re: [Freeipa-users] More SSO Strangeness To: Sumit Bose <[email protected]>
Bingo! I checked my AD user login name which was [email protected], But the Pre Win2000 name was TEST\Mark Changed to TEST\mark, logged out of WinClient, then back in and into ipa client with successful SSO. Thanks!!! On Thu, Feb 6, 2014 at 12:20 PM, Sumit Bose <[email protected]> wrote: > On Thu, Feb 06, 2014 at 12:04:24PM -0500, Mark Gardner wrote: > > Using username "[email protected]". > > Unauthorized access is prohibited. > > [email protected][email protected]'s password: > > Last login: Thu Feb 6 12:00:50 2014 from server2012.test.local > > Authorized uses only. All activity may be monitored and reported. > > -sh-4.1$ klist > > Ticket cache: FILE:/tmp/krb5cc_1063801109_S3Ew2U > > Default principal: [email protected] > > > > Valid starting Expires Service principal > > 02/06/14 12:03:18 02/06/14 22:02:37 krbtgt/[email protected] > > renew until 02/07/14 12:03:18 > > > > sorry, I meant the credentials on the Windows client where you call > putty. > > bye, > Sumit > > > > > > > On Thu, Feb 6, 2014 at 11:47 AM, Sumit Bose <[email protected]> wrote: > > > > > On Thu, Feb 06, 2014 at 10:56:31AM -0500, Mark Gardner wrote: > > > > getent passwd [email protected] worked > > > > > > > > Here's the ssh info from /var/log/secure > > > > > > > > > > > > > > > > > > ... > > > > > > > Feb 6 10:50:03 ipaclient sshd[1623]: debug3: mm_request_receive > entering > > > > Feb 6 10:50:03 ipaclient sshd[1622]: debug3: monitor_read: checking > > > > request 42 > > > > Feb 6 10:50:03 ipaclient sshd[1622]: debug3: mm_answer_gss_userok: > > > sending > > > > result 0 > > > > Feb 6 10:50:03 ipaclient sshd[1622]: debug3: mm_request_send > entering: > > > > type 43 > > > > Feb 6 10:50:03 ipaclient sshd[1623]: debug3: mm_ssh_gssapi_userok: > user > > > > not authenticated > > > > Feb 6 10:50:03 ipaclient sshd[1623]: debug3: Wrote 96 bytes for a > total > > > of > > > > 2869 > > > > Feb 6 10:50:03 ipaclient sshd[1622]: Failed gssapi-with-mic for > > > > [email protected] from 192.168.100.145 port 60426 ssh2 > > > > Feb 6 10:50:03 ipaclient sshd[1622]: debug3: mm_request_receive > entering > > > > Feb 6 10:50:08 ipaclient sshd[1623]: debug1: userauth-request for > user > > > > [email protected] service ssh-connection method password > > > > > > are you sure that you are using the right credentials? According to the > > > log you are using putty. Have you logged in as 'mark' on the Windows > > > client? Please call klist in a command window and check thar your > > > Kerberos principal is '[email protected]' > > > > > > bye, > > > Sumit > > > >
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
