** Description changed:
Client: Ubuntu 8.04.3; server: Ubuntu 8.04.3 with Heimdal KDC. On the client,
the following setup:
authsufficient pam_krb5.so
authrequisite pam_ldap.so
authoptionalpam_krb5_migrate.so debug principal=pam/pam
On the server, a "pam/pa
Workaround: add a "root/admin" principal to the KDC and give it "add"
rights to the KDC database. Export the key for root/admin to
/etc/security (or wherever you put your key, using the "keytab="
option). Then specify "principal=root/admin" for all of the clients you
want to migrate.
--
libpa