Hi there. I'm a real nb when it comes to Kerberos/LDAP/PAM/NSS etc.
I've installed heimdal on a fresh debian-3.0 system, realmname MY_KRB_REALM and added a user marcus. No problem so far, i can 'kinit <marcus>' fine. But I've got major problems getting it running with PAM. I made the modifications to pam config files locally for simplicities sake. I am following the steps of documentation from: http://www.ofb.net/~jheiss/krbldap/howto.html Situation in short: I added a user to kerberos called 'marcus'. I added a user locally to passwd/shadow and modified password to '*K*', so i don't have to get LDAP running first. I modified the appropriate lines in files in '/etc/pam.d' according to the documentation: 'login' auth sufficient pam_unix.so auth required pam_krb5.so use_first_pass 'other' session optional pam_krb5.so session required pam_unix.so password sufficient pam_unix.so password required pam_krb5.so use_first_pass I tried to do 'login marcus' but it failed with 'Login incorrect'. Heimdal-kdc logfiles spills out the following for each attempt: 2002-07-25T09:41:21 AS-REQ marcus@MY_KRB_REALM from IPv4:192.168.1.101 for krbtgt/MY_KRB_REALM@MY_KRB_REALM 2002-07-25T09:41:21 Using des3-cbc-sha1/des3-cbc-sha1 2002-07-25T09:41:21 sending 617 bytes to IPv4:192.168.1.101 I bet this is a simple issue for you out there. Is it because of the 'use_first_pass' parameters? I've never seen them before. Or is it a crypto thing - des vs 3des? Big Thanks, Marcus ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] http://mailman.mit.edu/mailman/listinfo/kerberos
