renew tgt using xlock / XscreenSaver ?

First of all, thank to all of the great input find here !! Before adding beta users to my kerberos/ldap server, I still have some problems remaining. Linux users do not halt or log off all the time (because of stuff running in consoles for example). So is there a way (pam_krb5 ? ) to renew TGT when

renew tgt using xlock / XscreenSaver ?

Sorry I forgot to add a subject, so I send it again : First of all, thank to all of the great input find here !! Before adding beta users to my kerberos/ldap server, I still have some problems remaining. Linux users do not halt or log off all the time (because of stuff running in consoles for e

[no subject]

First of all, thank to all of the great input find here !! Before adding beta users to my kerberos/ldap server, I still have some problems remaining. Linux users do not halt or log off all the time (because of stuff running in consoles for example). So is there a way (pam_krb5 ? ) to renew TGT wh

ssh kerberos + forwarding ticket

Hello, openssh version : openssh-3.9p1 kerberos : krb5-server-1.2.7-28 on Redhat AS V3 I can connect t from station1 to server1 using kerberos auth. But the tgt is not forwared (even if kinit -f). Server1 have a princ (host/server1) in the krb5 DB and krb5.keytab. I thought that TGT forwarding wa

login in but no ticket in init 5 (no prob in init 3)

I just install kerberos 5 + openldap in init 3 and init 5 I can log in with my kerberos user BUT in init 5 (mandrake 10 kde 3.2) I logged in BUT when I d a klist, I have no ticket. When connecting with shell, I have my KRB5 user in klist some hints ? Thanks _

krb5.conf domain_realm question

Hello, My internal DNS domain is lan.domain.pri the users email addresses are [EMAIL PROTECTED] to symplify connection I'd like to have REALM = DOMAIN.COM so the kinit user = user email address Is it correct to say can I put in the krb5.conf : [domain_realm] .lan.lexum.pri=DOMAIN.COM lan.lexum.pri=

Re: openldap principal

Thanks, But Why do I need lda/[EMAIL PROTECTED] principal AND the rootdn in the kerberos DB On 2-Jul-04, at 8:56 AM, Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 1 Jul 2004, Frederic Medery wrote: My question is : Do I have to create all the users principal

openldap principal

Hello Everybody, My goal : replace nis with ldap /kerberos I just read the Kerberos and the LDAP book (O'Reilly). I also read some how-to on the web I know that I have to create a ldap/[EMAIL PROTECTED] for the ldap server. I Have to create a ldapadmin user (configured in the slapd.conf) My questio