Le Mon, 5 Mar 2012 20:27:42 +0530,
Basil Kurian basilkur...@gmail.com a écrit :
Kerberos doesn't remember credentials that way. You must first
obtain a TGT -- either manually using `kinit bkur...@shadow.com`,
or by configuring the client system to do this upon logging in
locally.
It was the problem with the hostname set on the ldap2.shadow.com server.
The command 'hostname -f' was not returning Fully Qualified Domain name of
the machine. When I fixed it , the issue with Single sign on is fixed.
This was the erroneous output
[root@ldap2 pam.d]# hostname
ldap2.shadow.com
Dear all,
I would like to configure my machine so that when I login as user
operator I get a credential as operator/instance, where instance should
be the hostname.
The idea is that if I login as operator in both machines I get different
tickets. I thought that the instance should be the
Jaap Winius wrote:
Today I attempted to get a Kerberos client running on Mac OS X. This
is 10.7 (Lion) system on which I had just installed a package from the
mit.edu site called Mac_OS_X_10.4_10.6_Kerberos_Extras.dmg.
To my knowledge, MIT IST is now maintaining the Kerberos Extras
Lion uses ~/L/P/edu.mit.Kerberos, and /L/P/edu.mit.Kerberos just like SnowLion
did. Lion doesn't use ~/L/P/edu.mit.Kerberos when dealing with file systems
since that might lead to deallocks, but but again, is just like SnowLion did it.
Love
11 mar 2012 kl. 13:46 skrev Davalos, Jeff
11 mar 2012 kl. 11:50 skrev Simon Wilkinson:
On 11 Mar 2012, at 17:42, Jaap Winius wrote:
Today I attempted to get a Kerberos client running on Mac OS X. This
is 10.7 (Lion) system on which I had just installed a package from the
mit.edu site called
I think you're not going to be able to do this without a local keytab.
Keep your local keytabs in a consistent place, like
/var/spool/keytabs/LOGINNAME and then, when you log in as LOGINNAME make
certain that KRB5_KTNAME is set to the right keytab in the user's .profile or
the system .profile
