* Douglas E. Engert <[EMAIL PROTECTED]>: > Did you add the host account to AD?
Yes. > Did you run the MS ktpass to set the service principal in the account, Yes. > set the password on the acocunt, and generate a kettab file? Yes. > Did you copy the keytab file back to the Unix system? Yes. > See > http://www.microsoft.com/technet/prodtechnol/windows2000serv/howto/kerbstep.mspx I did EXACTLY that. Meanwhile, I'm down to this in my /etc/pam.d/openvpn-krb5 file: auth requisite pam_krb5.so no_ccache debug account required pam_permit.so This works IF AND ONLY IF the account I try to login as (hildeb in my example) exists in /etc/passwd. I log in using the Kerberos Password (the password from /etc/passwd DOES NOT WORK), but for unknown reasons the system insists on the existance of the local account "hildeb" :( -- _________________________________________________ Charité - Universitätsmedizin Berlin _________________________________________________ Ralf Hildebrandt i.A. Geschäftsbereich Informationsmanagement Campus Benjamin Franklin Hindenburgdamm 30 | Berlin Tel. +49 30 450 570155 | Fax +49 30 450 570962 [EMAIL PROTECTED] http://www.charite.de ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
