|
|
Sponsored Content
Operating Systems
AIX
Kerberos and LDAP Auth
Post 302388758 by mariusb on Thursday 21st of January 2010 10:33:46 AM
01-21-2010
Kerberos and LDAP Auth
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I am running iPlanet 6 on HP-UX 11, and presently all users can access the site.
There are 6000 users accessing the website from an Windows Network. I would like users to access the site, but would also like to log user ID's in the access log, without prompting users for an ID/Password.
Is... (1 Reply)
Discussion started by: shuterj
1 Replies
2. HP-UX
I am getting the following error message when trying to login to the client:
while verifying tgt
If I move the /etc/krb5.keytab out of /etc, it works fine. This is HP-UX v23
Does anyone have any ideas? (1 Reply)
Discussion started by: dhernand
1 Replies
3. AIX
I'm having a bear of a time getting my LDAP connection going, so I hope someone here has some insight.
I have AIX 5.3 running on an LPAR. I have ldap-client, ldap-max-crypto-client, gskak, and gskte installed. I'm able to set up the connection via mksecldap, and I can query users just fine... (1 Reply)
Discussion started by: AlexDeGruven
1 Replies
4. Red Hat
RedHat ELS 5.2 & Sun directory
getent passwd: works
toto:*:1000:100:toto:/home/toto:/bin/bash
getent group: works
mygroup:*:10001:1000,1001
but id toto doesnt works :(
uid=1000(toto) gid=100(users) groupes=100(users)
BTW in /etc/ldap.conf i use a different mapping for the posix... (4 Replies)
Discussion started by: sncr24
4 Replies
5. UNIX for Advanced & Expert Users
Hello, I asked this question in the AIX subforum but never received an answer, probably because the AIX forum is not that heavily trafficked. Anyway, here it is..
I have never had any issues like this when compiling applications from source. When I try to compile samba-3.5.0pre2, configure runs... (9 Replies)
Discussion started by: raidzero
9 Replies
6. Emergency UNIX and Linux Support
Hi all
We have squid-2.5.STABLE11-3.FC4 running in our environment.
LDAP authentication works fine. Active Directory 2003 Users are prompted to enter credentials every time they access the net. The system works perfectly, but I need to configure Squid to block users in a specific AD group.... (1 Reply)
Discussion started by: wbdevilliers
1 Replies
7. AIX
@kah00na and all others,
i have done al steps of the HowTo "Authenticate AIX users from MSActive Directory", found in this forum, but it still does not work.
The test with kinit USERNAME works fine. But if i try to login i get the "UNKNOWN_USER" error in the debug.log.All steps to change... (11 Replies)
Discussion started by: tomys
11 Replies
8. AIX
The KRB5ALDAP compound load module is giving me fits. Everything looks like it should be working, but no.
Goal: Integrate AIX host with Active Directory using a KRB5ALDAP compound load module so that users can be created in AD and used in AIX, with unix attributes (registry values) being... (2 Replies)
Discussion started by: jgeiger
2 Replies
9. Gentoo
Hi,
since the upgrade to Gnome 3.6 (now i have 3.8) the authentication over LDAP stops working. The whole machine does not start anymore. The machine boot, but no gdm and no X. I can login, with root, but then the tty hangs. When i look at ttyF12 i see a lot of systemd service the runs random,... (1 Reply)
Discussion started by: darktux
1 Replies
10. UNIX for Advanced & Expert Users
Has anyone attempted to define GPO / HBAC policies in Windows Server 2012 that could be respected by Kerberos/LDAP on AIX?
I'm looking to associate servers to groups so that when a user part of a group tries to login to a host not associated with that group, it would be denied. This would allow... (3 Replies)
Discussion started by: Devyn
3 Replies
LEARN ABOUT FREEBSD
klist
KLIST(1) BSD General Commands Manual KLIST(1) NAME
klist -- list Kerberos credentials SYNOPSIS
klist [-c cache | --cache=cache] [-s | -t | --test] [-T | --tokens] [-5 | --v5] [-v | --verbose] [-l | --list-caches] [-f] [--version] [--help] DESCRIPTION
klist reads and displays the current tickets in the credential cache (also known as the ticket file). Options supported: -c cache, --cache=cache credential cache to list -s, -t, --test Test for there being an active and valid TGT for the local realm of the user in the credential cache. -T, --tokens display AFS tokens -5, --v5 display v5 cred cache (this is the default) -f Include ticket flags in short form, each character stands for a specific flag, as follows: F forwardable f forwarded P proxiable p proxied D postdate-able d postdated R renewable I initial i invalid A pre-authenticated H hardware authenticated This information is also output with the --verbose option, but in a more verbose way. -v, --verbose Verbose output. Include all possible information: Server the principal the ticket is for Ticket etype the encryption type used in the ticket, followed by the key version of the ticket, if it is available Session key the encryption type of the session key, if it's different from the encryption type of the ticket Auth time the time the authentication exchange took place Start time the time that this ticket is valid from (only printed if it's different from the auth time) End time when the ticket expires, if it has already expired this is also noted Renew till the maximum possible end time of any ticket derived from this one Ticket flags the flags set on the ticket Addresses the set of addresses from which this ticket is valid -l, --list-caches List the credential caches for the current users, not all cache types supports listing multiple caches. SEE ALSO
kdestroy(1), kinit(1) HEIMDAL
October 6, 2005 HEIMDAL