I removed the EAP line and keep only the Kerberos line in users
DEFAULT Auth-Type := Kerberos
I have this error using radtest:
radtest "u...@myrealm.org" "password" localhost 10 testing123
Sat Jun 19 23:53:10 2010 : Auth: rlm_krb5: [user] krb5_rd_req() failed:
Wrong principal in request
but I am sure the machine is configured correctly for kerberos, I have
correct
configuration in /etc/krb5.conf and I have /etc/krb5.keytab file
correctly created
everything look fine with kerberos on my radius server... any hints?
thank you
[r...@radius ~]# kinit user
Password for u...@myrealmg.org:
[r...@radius ~]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: u...@myrealmg.org
Valid starting Expires Service principal
06/19/10 23:57:04 06/20/10 06:37:01 krbtgt/myrealmg....@myrealmg.org
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
Alan Buxey wrote:
Hi,
# users
DEFAULT Auth-Type := eap
DEFAULT Auth-Type := Kerberos
Fall-Through = 1
those are 2 conflicting entries. you should never need the
first one. the second one is what you'll need...but the Fall-Through
is superfluous
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html