On Fri, 19 Dec 2008, Mathew Rowley wrote:
> Do you have to sync passwords between Kerberos and LDAP if I am using LDAP
> for user specific information? For example, if I ssh to a box, I want it to
> authenticate with kerberos, but get the gid/uid/shell/homedir from LDAP. Is
> there a way to spec
ll
running into that stuff before.
--
Coy Hile
[EMAIL PROTECTED]
"Unarmed combat is what we enter into when we have been foolish enough
not to have a weapon; careless enough to lose our weapon, or unlucky
enough to have broken our weapon"
Kerb
e enough to know what else I can do to debug
this more. Any help you can give is appreciated.
--
Coy Hile
[EMAIL PROTECTED]
"Unarmed combat is what we enter into when we have been foolish enough
not to have a weapon; careless enough to lose our weapon,
in/aklog as UID 1000
Mar 11 20:24:52 ganymede xscreensaver[22746]: [ID 237248 user.debug]
(pam_afs_session): : exit (success)
Notice the ticket cache mentioned above.
What am I missing to have xscreensaver updating the wrong ticket cache?
--
Coy Hile
[EMAIL PROTECTED]
"Unarmed combat is wha
I tweak the PAM stack to gain my desired behaviour?
Thanks,
--
Coy Hile
[EMAIL PROTECTED]
"Unarmed combat is what we enter into when we have been foolish enough
not to have a weapon; careless enough to lose our weapon, or unlucky
enough to have broken our weapon"
_
Is there some easy way to write an app
that you'd run from /etc/profile to banner that sort of information? If
I were using normal UNIX auth, I could do that relatively easily using
the information in the shadow file.
--
Coy Hile
[EMAIL PROTECTED]
_
On Fri, 18 Jan 2008, Coy Hile wrote:
> Thanks Tom.
>
> I'm using whatever ships with Solaris 10 Update 4. I can't tell you
> what that is off the top of my head.
>
Reply to my own post:
Russ,
Does your pam_krb5 implmentation support this type of setup? The stock
on
.
>
Thanks Tom.
I'm using whatever ships with Solaris 10 Update 4. I can't tell you
what that is off the top of my head.
--
Coy Hile
[EMAIL PROTECTED]
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
:
kadmin: modprinc +needchange cah220
Principal "[EMAIL PROTECTED]" modified.
kadmin: quit
[22:53:31]supergrover:~ % kinit cah220
kinit(v5): Password has expired while getting initial credentials
[22:53:37]supergrover:~ %
For what it's worth, I'm using an MIT kdc (actually
nted? (I'm perfectly happy to
accept "Because it's Really Stupid(tm) for the follwing reasons..." as
an answer too :))
(Please retain the cc: on any reply as my work address is not on-list,
only my personal address.)
Thanks.
--
Coy Hile
[EMAIL PROTECTED]
_
10 matches
Mail list logo