RE: [suse-sles-e] Kerberos and Windows 2003

From: Black, Alain (ablack_at_bloodsystems.org)
Date: Tue May 09 2006 - 20:11:31 CEST

• Next message: L. Mark Stone: "[suse-sles-e] SLES 10 Open Beta - When?"
• Previous message: Reinhard Weh: "Re: [suse-sles-e] YOU problem."
• Maybe in reply to: Emmanuel Garcia Abad: "[suse-sles-e] Kerberos and Windows 2003"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 9 May 2006 11:11:31 -0700
Message-ID: <1066BDF1DAAA8040B54E0B5E270973100D4B2447@bsimail.bloodsystems.org>
From: "Black, Alain" <ablack@bloodsystems.org>
Subject: RE: [suse-sles-e] Kerberos and Windows 2003

I don't have the _enctypes entries in my libdefaults section, and
instead of kpasswd_server I have admin_server.

Have you made changes to your /etc/pam.d/login? I made some entry
changes in there as well. But I'm using SAMBA authenticating against an
Microsoft ADS.

> -----Original Message-----
> From: Emmanuel Garcia Abad [mailto:arrakeen@gmail.com]
> Sent: Monday, May 08, 2006 5:01 PM
> To: suse-sles-e@suse.com
> Subject: [suse-sles-e] Kerberos and Windows 2003
>
> Hi guys,
>
> I am trying to configure squid (SLES9) to work with windows 2003
> server, I am following this guide:
>
> http://us1.samba.org/samba/docs/man/Samba-Guide/DomApps.html
>
> sow i have this packages in the sles:
>
> heimdal-lib-32bit-9-200504071809
> heimdal-tools-0.6.1rc3-55.3
> heimdal-0.6.1rc3-55.3
> heimdal-lib-0.6.1rc3-55.15
> pam_krb5-1.3-201.1
>
> The krb5.conf have the following configuration:
>
> [libdefaults]
> default_realm = SVR.dom.com
> clocksnew = 300
> default_tgs_enctypes = DES-CBC-CRC DES-CBC-MD5
> default_tkt_enctypes = DES-CBC-CRC DES-CBC-MD5
> preferred_enctypes = DES-CBC-CRC DES-CBC-MD5
>
> [realms]
> SVR.dom.com = {
> kdc = roma.svr.dom.com
> kpasswd_server = roma.svr.dom.com
> default_domain = SVR.dom.com
> }
>
> [domain_realm]
> .roma.svr.dom.com = SVR.dom.com
> .SVR.dom.com = SVR.dom.com
>
> [logging]
> default = SYSLOG:NOTICE:DAEMON
> kdc = FILE:/var/log/kdc.log
> kadmind = FILE:/var/log/kadmind.log
>
> [appdefaults]
> pam = {
> ticket_lifetime = 1d
> renew_lifetime = 1d
> forwardable = true
> proxiable = false
> retain_after_close = false
> minimum_uid = 0
> debug = false
> }
>
> When i execute kinit: Administrator@SVR.dom.com, I write the correct
> password, but the system respond:
>
> kinit: Password incorrect
>
> And when I write a bad password the system respond:
>
> kinit: krb5_get_init_creds: Preauthentication failed
>
> I configure in the win2003 "Use DES encription" for the Administrator
> account, but i continue with the trouble.
>
> How can be the problem?
>
> Thanks
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: suse-sles-e-unsubscribe@suse.com
> For additional commands, e-mail: suse-sles-e-help@suse.com

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-sles-e-unsubscribe@suse.com
For additional commands, e-mail: suse-sles-e-help@suse.com

• Next message: L. Mark Stone: "[suse-sles-e] SLES 10 Open Beta - When?"
• Previous message: Reinhard Weh: "Re: [suse-sles-e] YOU problem."
• Maybe in reply to: Emmanuel Garcia Abad: "[suse-sles-e] Kerberos and Windows 2003"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Tue May 09 2006 - 20:11:43 CEST