** Tags added: trusty
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1274543
Title:
sssd-ad uses wrong key to verify tgt at login time
To manage notifications about this bug go to:
Hi,
Can you bring this issue up on the sssd-devel list so it can be
discussed with other developers as well? Or open an upstream ticket.
I don't like the idea of trying all principals in the keytab, simply
because it would be uneffective, but I would personally be fine with
using the same code
Additional information:
The account ADJoiner is an ordinary user in that it has no
servicePrincipalName, whereas hosts do have one. I believe this is a crucial
difference, because I can get a ticket for anything that has a
servicePrincipalName, but not for anything that doesn't.
And indeed,