here is my pam config :) when I login with ssh or login, I have a ticket :)
The last problem for me it's with idmapd and openldap because the schema is not valid, but I try to modify this schema I'm writing a howto on my wiki, actually only configuration file, at http://www.kakou.org/mediawiki/index.php/LDAP_KERBEROS_NFS4_SSH You can see all my configuration files. wakka openldap # cat /etc/pam.d/system-auth #%PAM-1.0 auth required pam_env.so auth sufficient pam_unix.so likeauth nullok auth sufficient pam_krb5.so use_first_pass debug auth sufficient pam_ldap.so use_first_pass debug auth required pam_deny.so account sufficient pam_unix.so account required pam_access.so account [default=bad success=ok user_unknown=ignore service_err=ignore system_err=ignore] pam_krb5.so debug account sufficient pam_ldap.so debug account required pam_deny.so password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 password sufficient pam_unix.so nullok md5 shadow use_authtok password sufficient pam_krb5.so use_authtok debug password sufficient pam_ldap.so use_authtok debug password required pam_deny.so session required pam_limits.so session required pam_unix.so session optional pam_krb5.so debug session optional pam_ldap.so debug --------------------- ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
