---------- Forwarded message ---------- From: Mark Gardner <malek...@gmail.com> Date: Thu, Feb 6, 2014 at 12:29 PM Subject: Re: [Freeipa-users] More SSO Strangeness To: Sumit Bose <sb...@redhat.com>
Bingo! I checked my AD user login name which was mark@TEST.LOCAL, But the Pre Win2000 name was TEST\Mark Changed to TEST\mark, logged out of WinClient, then back in and into ipa client with successful SSO. Thanks!!! On Thu, Feb 6, 2014 at 12:20 PM, Sumit Bose <sb...@redhat.com> wrote: > On Thu, Feb 06, 2014 at 12:04:24PM -0500, Mark Gardner wrote: > > Using username "mark@test.local". > > Unauthorized access is prohibited. > > mark@test.lo...@ipaclient.hosted.test.local's password: > > Last login: Thu Feb 6 12:00:50 2014 from server2012.test.local > > Authorized uses only. All activity may be monitored and reported. > > -sh-4.1$ klist > > Ticket cache: FILE:/tmp/krb5cc_1063801109_S3Ew2U > > Default principal: mark@TEST.LOCAL > > > > Valid starting Expires Service principal > > 02/06/14 12:03:18 02/06/14 22:02:37 krbtgt/TEST.LOCAL@TEST.LOCAL > > renew until 02/07/14 12:03:18 > > > > sorry, I meant the credentials on the Windows client where you call > putty. > > bye, > Sumit > > > > > > > On Thu, Feb 6, 2014 at 11:47 AM, Sumit Bose <sb...@redhat.com> wrote: > > > > > On Thu, Feb 06, 2014 at 10:56:31AM -0500, Mark Gardner wrote: > > > > getent passwd mark@test.local worked > > > > > > > > Here's the ssh info from /var/log/secure > > > > > > > > > > > > > > > > > > ... > > > > > > > Feb 6 10:50:03 ipaclient sshd[1623]: debug3: mm_request_receive > entering > > > > Feb 6 10:50:03 ipaclient sshd[1622]: debug3: monitor_read: checking > > > > request 42 > > > > Feb 6 10:50:03 ipaclient sshd[1622]: debug3: mm_answer_gss_userok: > > > sending > > > > result 0 > > > > Feb 6 10:50:03 ipaclient sshd[1622]: debug3: mm_request_send > entering: > > > > type 43 > > > > Feb 6 10:50:03 ipaclient sshd[1623]: debug3: mm_ssh_gssapi_userok: > user > > > > not authenticated > > > > Feb 6 10:50:03 ipaclient sshd[1623]: debug3: Wrote 96 bytes for a > total > > > of > > > > 2869 > > > > Feb 6 10:50:03 ipaclient sshd[1622]: Failed gssapi-with-mic for > > > > mark@test.local from 192.168.100.145 port 60426 ssh2 > > > > Feb 6 10:50:03 ipaclient sshd[1622]: debug3: mm_request_receive > entering > > > > Feb 6 10:50:08 ipaclient sshd[1623]: debug1: userauth-request for > user > > > > mark@test.local service ssh-connection method password > > > > > > are you sure that you are using the right credentials? According to the > > > log you are using putty. Have you logged in as 'mark' on the Windows > > > client? Please call klist in a command window and check thar your > > > Kerberos principal is 'mark@TEST.LOCAL' > > > > > > bye, > > > Sumit > > > >
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
