Thank you for your krb5.conf hint. It works well with the text console login
(which uses /usr/local/sbin/login.krb5).
But the graphical authentication (using the PAM module) still has this
problem : the TGT flags do not contain "F". Do you know how to configure it
?
Thank you
Phili
"Philippe Perrin" <[EMAIL PROTECTED]> writes:
>> Can anyone tell me
>> 1) what this "A" flag means ?
It means the client used preauthentication to get the ticket.
>> 2) what I have to configure to have the "F" (forwardable) flag on my TGT ?
Add to krb5.conf:
[libdefaults]
forwardable
Hello
With Solaris 8 and the MIT Kerberos 1.2.3, I've replaced /bin/login with
/usr/local/sbin/login.krb5 as is described in
http://web.mit.edu/kerberos/www/krb5-1.2/krb5-1.2.3/doc/install.html#SEC60
The SSO mechanism works fine : when logging on the text console, I run
"klist -f" to see my ticke
