I am trying to get OpenBSD working with Active Directory. I want to do this because I am setting up a mail server (OpenSMTPD and Dovecot). I want the mail server to support 2FA, which can be done through AD. For AD support, I've followed:
https://serverfault.com/questions/20202/ authenticating-openbsd-against-active-directory https://www.whatsmykarma.com/blog/?p=685 Everything is fine until I SSH into the box. I've added a user with adduser (such as "mydomainuser"). I expect to then be able to SSH in as "mydomainuser" because login.conf will check Kerberos first, then the host. Getting access denied. Of course, all of this might be an XY problem. If you know of a better way to implement 2FA in my situation, please tell.
