Got it to work! Had to disable tgt_verify option in the methods.cfg file to let sudo, su, telnet and ftp work!!!
Ubaid Rahman Senior AIX Administrator SCS C&ES Infrastructure Admin 1 # 146E Ph # *.703.2817 (internal) or 919.483.2817 (external) # 919.314.7177 (cell) -----Original Message----- From: kerberos-boun...@mit.edu [mailto:kerberos-boun...@mit.edu] On Behalf Of kerberos-requ...@mit.edu Sent: Tuesday, May 03, 2011 12:05 PM To: kerberos@mit.edu Subject: Kerberos Digest, Vol 101, Issue 3 Send Kerberos mailing list submissions to kerberos@mit.edu To subscribe or unsubscribe via the World Wide Web, visit https://mailman.mit.edu/mailman/listinfo/kerberos or, via email, send a message with subject or body 'help' to kerberos-requ...@mit.edu You can reach the person managing the list at kerberos-ow...@mit.edu When replying, please edit your Subject line so it is more specific than "Re: Contents of Kerberos digest..." Today's Topics: 1. cross realm trust (aydin) 2. sudo with kerberos (Ubaid Rahman) ---------------------------------------------------------------------- Message: 1 Date: Mon, 02 May 2011 16:38:31 +0300 From: aydin <ay...@prosoft.com.tr> Subject: cross realm trust To: "kerberos@mit.edu" <kerberos@mit.edu> Message-ID: <4dbeb3d7.7070...@prosoft.com.tr> Content-Type: text/plain; charset=ISO-8859-9; format=flowed Hi all, I am trying to setup a cross realm authentication between microsoft and mit kerberos running on rhel. Mit kerberos realm is going to trust to ms realm. Both kdc'a are running fine in their own realms. We have set up principals on both kdc's. krbtgt/mit.realm@ms.realm A windows client tries to open an ssh connection to a linux system. Windows client asks krbtgt/mit.realm@ms.realm ticket to its own kdc and gets the ticket. This is the point that i get confused and need your help. Ms client than requests host/sshserver.mit.realm. As far as I know first both kdc's has to share krbtgt ticket to establish a trust relation first. Does anyone knows how this should work. Regards, Aydin ------------------------------ Message: 2 Date: Mon, 2 May 2011 14:27:23 -0500 From: Ubaid Rahman <ubaid.u.rah...@gsk.com> Subject: sudo with kerberos To: "kerberos@mit.edu" <kerberos@MIT.EDU> Message-ID: <1dfe27698bba1b49b6a8c6b7f7e37253c48dc7b...@019d-namsg-01.019d.mgd.msft.net> Content-Type: text/plain; charset="us-ascii" Hi I am trying to configure sudo to use Kerberos authentication in an AIX(6.1) environment, so far hadn't had any luck. Can anyone with a similar environment help? Ubaid Rahman Senior AIX Administrator SCS C&ES Infrastructure Admin 1 # 146E Ph # *.703.2817 (internal) or 919.483.2817 (external) # 919.314.7177 (cell) ------------------------------ _______________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos End of Kerberos Digest, Vol 101, Issue 3 **************************************** ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
