Looking at the code, it looks like if I don't have a .k5login I should be allowed access, but the authorization is failing. Is this a correct assumption?
It's really frustrating because I had this setup working a while ago and now I revisit it and it's not. -----Original Message----- From: Donn Cave [mailto:[EMAIL PROTECTED]] Sent: Friday, March 15, 2002 4:59 PM To: [EMAIL PROTECTED] Subject: RE: Tickets accepted upon login but still prompted for password Quoth [EMAIL PROTECTED] ("Booker C. Bense"): | On Fri, 15 Mar 2002, Rechenberg, Andrew wrote: | | > OK, I put a .k5login file in $HOME and it works, but I don't | > want to have to do this for 500+ users. :( Any other suggestions? | > | | - You'll need to patch the src code. Look in | | |http://www.stanford.edu/~bbense/stanford_krb_patches/version1.2.2/lib/krb5/os/kuserok.c | | - I'm not sure it's the best way to do it, but that's what | we do here. Best way to do what? I see that your patch makes .k5login policy depend on existence of another file, if absent then .k5login is required. And the comments explain why. But how would that help in the present case? I must have missed something about the setup there - it looked to me like he would want the normal default behavior from krb5_kuserok(), and I don't see why he would need .k5login. Donn Cave, [EMAIL PROTECTED] ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] http://mailman.mit.edu/mailman/listinfo/kerberos ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] http://mailman.mit.edu/mailman/listinfo/kerberos
