I also have tried Heimdal on a Debain 3.0 installation using the same
documentation. I can add principles and use kinit to connect and list
to see the ticket, but like Marcus, I could not log in at all.
This morning I wiped it all and tried MIT kerberos instead and can get
as far as the above, but still cannot log in. In contrast, I do get an
error message about expired accounts and such.
-Lars
Aug 2 12:59:17 beta krb5kdc[27106]: AS_REQ (3 etypes {16 3 1})
xxx.yyy.zzz.aaa(88): NEEDED_PREAUTH: [EMAIL PROTECTED] for
[EMAIL PROTECTED], Additional pre-authentication required
Aug 2 12:59:17 beta krb5kdc[27106]: preauth (timestamp) verify failure:
No matching key in entry
Aug 2 12:59:17 beta krb5kdc[27106]: AS_REQ (3 etypes {16 3 1})
xxx.yyy.zzz.aaa(88): PREAUTH_FAILED: [EMAIL PROTECTED] for
[EMAIL PROTECTED], Preauthentication failed
Aug 2 12:59:18 beta krb5kdc[27106]: DISPATCH: repeated (retransmitted?)
request from xxx.yyy.zzz.aaa port 88, resending previous response
Aug 2 12:59:18 beta krb5kdc[27106]: preauth (timestamp) verify failure:
No matching key in entry
Aug 2 12:59:18 beta krb5kdc[27106]: AS_REQ (3 etypes {16 3 1})
xxx.yyy.zzz.aaa(88): PREAUTH_FAILED: [EMAIL PROTECTED] for
[EMAIL PROTECTED], Preauthentication failed
Aug 2 12:59:18 beta PAM-warn[27368]: service: ssh [on terminal: NODEVssh]
Aug 2 12:59:18 beta PAM-warn[27368]: user: (uid=0) -> memyselfni
[remote: ?[EMAIL PROTECTED]]
Aug 2 12:59:18 beta sshd[27368]: PAM rejected by account
configuration[13]: User account has expired
Marcus Blomenkamp wrote:
[snip]
> sake. I am following the steps of documentation from:
> http://www.ofb.net/~jheiss/krbldap/howto.html
[snip]
________________________________________________
Kerberos mailing list [EMAIL PROTECTED]
http://mailman.mit.edu/mailman/listinfo/kerberos
