> > That being the case, when a user tries to login using > > [EMAIL PROTECTED], I do see a request hit the KDC but the user > > still does not get logged in. According to the logs, I see > an AS_REQ > > "[EMAIL PROTECTED] for krbtgt/[EMAIL PROTECTED]". > > Yes that is the first step. > > This would then be used by the workstation to get a ticket > for the workstation > if the workstation is in the same realm as the user. If not > this would be used > to get a krbtgt.
Unfortunately, that is the only request I see. > > > In my principles on the KDC machine > > (montyburns), I have [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> , > > krbtgt/[EMAIL PROTECTED], krbtgt/[EMAIL PROTECTED] and > > krbtgt/[EMAIL PROTECTED] (as well as the kadmin ones that are > > created at install). > > > > What else should I look at? > > Is the workstation part of a domain? > > What does ksetup on the workstion show? > Ksetup on the machine reveals that the machine's primary realm is KERB.UTA.EDU and that the kdc is montyburns.uta.edu (which is correct). I'm not sure what it doesn't continue on with the transactions. ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
