Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Auth against AD (kerberos) does not work
Operating Systems AIX Auth against AD (kerberos) does not work Post 302677089 by bakunin on Wednesday 25th of July 2012 02:03:02 PM
Old 07-25-2012
Quote:
Originally Posted by tomys
Maybe here is a problem? Why registry=files ?
Because you probably want local users not authenticated by Kerberos still be able to log on to the system, yes?

I hope this helps.

bakunin
 

9 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Apache auth question

While not technically a unix question, I was hoping for some help from you all- I've got an Apache 1.3.x server, and I am using basic auth from the pam_auth module and winbind on the back of that. What I get is a relaly sleek authentication for my Windos domain users, however, as they are wont... (1 Reply)
Discussion started by: loadc
1 Replies

2. IP Networking

netscape console auth problem

:( hi all , i have installed netscape console on my local pc to connect to webmail server using LDAP . when i try to login from my console i get an error "Http Exception: Response: Http/1.1 500 Server Error Status 500" i was told that i need to add my IP to the local.conf file. ... (1 Reply)
Discussion started by: ppass
1 Replies

3. UNIX for Advanced & Expert Users

Solaris 10 auth issue

Very strange one, we've got a recently build server (Sol10 via JET flash). Bascially you can ssh to it fine, but telnet will allow entry of username, but will then feed in a carriage return on the passwd field, this also happens on any auth type command, ie passwd on a user account will also... (4 Replies)
Discussion started by: itsupplies
4 Replies

4. AIX

Kerberos and LDAP Auth

Good day I am trying to configure Kerberos and LDAP authentication on AIX 5.3 with Windows 2003 R2 but something is not quite right. When I ran kinit username I get a ticket and I can display it using klist. When the user login I can see the ticket request on Windows 2003, but the user... (1 Reply)
Discussion started by: mariusb
1 Replies

5. Shell Programming and Scripting

Difference in auth key commands?

Good morning! What is the difference between: ssh-keygen -t rsa and ssh-keygen -b 2048 -t rsa? Thanks Bigben (2 Replies)
Discussion started by: bigben1220
2 Replies

6. Red Hat

sendmail client with AUTH

HI, I use redhat 5.7 . I configure sendmail as client and deliver the email to the external SMTP server(10.1.1.176) . The smtp server need SMTP AUTH in order to send email with SMTP. I configure and follow this link . Sendmail as SMTP Authentication | Free Linux Tutorials I try to send... (1 Reply)
Discussion started by: chuikingman
1 Replies

7. Solaris

Sol10 - OpenLDAP Auth

Hi, im new to Solaris (10) and need some help please. Situation: Actually is there a Linux (SLES11) OpenLDAP-Server and authentification of Linux-Maschines works pretty sweet. Now i want to put the SOL10 (Sparc) boxes in.... Problem: User Authentification via OpenLDAP on Sol10 doesn´t work... (3 Replies)
Discussion started by: Panzerkampfwagn
3 Replies

8. Gentoo

LDAP-Auth does not work correctly with systemd

Hi, since the upgrade to Gnome 3.6 (now i have 3.8) the authentication over LDAP stops working. The whole machine does not start anymore. The machine boot, but no gdm and no X. I can login, with root, but then the tty hangs. When i look at ttyF12 i see a lot of systemd service the runs random,... (1 Reply)
Discussion started by: darktux
1 Replies

9. Solaris

Solaris 11 iscsi chap auth

hi to all i've done that steps, but i was not completely successful: sudo pkg install group/feature/storage-server sudo svcadm enable stmf sudo zfs create -V 1g rpool/LUN1 sudo stmfadm create-lu /dev/zvol/rdsk/rpool/LUN1 sudo stmfadm list-lu ... (4 Replies)
Discussion started by: jm83
4 Replies

LEARN ABOUT REDHAT

kerberos

KERBEROS(1)						      General Commands Manual						       KERBEROS(1)

NAME

       kerberos - introduction to the Kerberos system

DESCRIPTION

       The  Kerberos  system authenticates individual users in a network environment.  After authenticating yourself to Kerberos, you can use net-
       work utilities such as rlogin, rcp, and rsh without having to present passwords to remote hosts and without having to bother  with  .rhosts
       files.  Note that these utilities will work without passwords only if the remote machines you deal with support the Kerberos system.

       If you enter your username and kinit responds with this message:

       Principal unknown (kerberos)

       you haven't been registered as a Kerberos user.	See your system administrator.

       A  Kerberos  name  usually contains three parts.  The first is the primary, which is usually a user's or service's name.  The second is the
       instance, which in the case of a user is usually null.  Some users may have privileged instances, however, such as ``root''  or	``admin''.
       In  the	case  of  a service, the instance is the fully qualified name of the machine on which it runs; i.e. there can be an rlogin service
       running on the machine ABC, which is different from the rlogin service running on the machine XYZ.  The third part of a	Kerberos  name	is
       the realm.  The realm corresponds to the Kerberos service providing authentication for the principal.

       When  writing  a Kerberos name, the principal name is separated from the instance (if not null) by a slash, and the realm (if not the local
       realm) follows, preceded by an ``@'' sign.  The following are examples of valid Kerberos names:

	       david
	       jennifer/admin
	       joeuser@BLEEP.COM
	       cbrown/root@FUBAR.ORG

       When you authenticate yourself with Kerberos you get an initial Kerberos ticket.  (A Kerberos ticket is an encrypted protocol message  that
       provides authentication.)  Kerberos uses this ticket for network utilities such as rlogin and rcp.  The ticket transactions are done trans-
       parently, so you don't have to worry about their management.

       Note, however, that tickets expire.  Privileged tickets, such as those with the instance ``root'', expire in a few minutes,  while  tickets
       that  carry more ordinary privileges may be good for several hours or a day, depending on the installation's policy.  If your login session
       extends beyond the time limit, you will have to re-authenticate yourself to Kerberos to get new tickets.  Use  the  kinit  command  to  re-
       authenticate yourself.

       If  you use the kinit command to get your tickets, make sure you use the kdestroy command to destroy your tickets before you end your login
       session.  You should put the kdestroy command in your .logout file so that your tickets will be destroyed automatically	when  you  logout.
       For more information about the kinit and kdestroy commands, see the kinit(1) and kdestroy(1) manual pages.

       Kerberos  tickets  can be forwarded.  In order to forward tickets, you must request forwardable tickets when you kinit.	Once you have for-
       wardable tickets, most Kerberos programs have a command line option to forward them to the remote host.

       Currently, Kerberos support is available for the following network services: rlogin, rsh, rcp, telnet, ftp, krdist (a Kerberized version of
       rdist), ksu (a Kerberized version of su), login, and Xdm.

SEE ALSO

       kdestroy(1),  kinit(1),	klist(1),  kpasswd(1),	rsh(1),  rcp(1),  rlogin(1),	telnet(1),  ftp(1), krdist(1), ksu(1), sclient(1), xdm(1),
       des_crypt(3), hash(3), krb5strings(3), krb5.conf(5), kdc.conf(5), kadmin(8),  kadmind(8),  kdb5_util(8),  telnetd(8),  ftpd(8),	rdistd(8),
       sserver(8), klogind(8c), kshd(8c), login(8c)

BUGS

AUTHORS

       Steve Miller, MIT Project Athena/Digital Equipment Corporation
       Clifford Neuman, MIT Project Athena

HISTORY

       Kerberos  was developed at MIT.	OpenVision rewrote and donated the administration server, which is used in the current version of Kerberos
       5.

RESTRICTIONS

       Copyright 1985,1986,1989-1996 Massachusetts Institute of Technology

																       KERBEROS(1)
All times are GMT -4. The time now is 01:57 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy