SUMMARY: Kerberos question

From: Tonny Verberk (Tonny.Verberk@asa-ehv.ce.philips.com)
Date: Wed Jul 24 2002 - 02:53:15 EDT

• Next message: mr ayie: "rpc problem?"
• Previous message: Vincent Cojot: "SUMMARY: What is patch 109888-16?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Dear managers,

Special thanks to Mathieu Nantel who came up with the answer:

This is a known issue from Sun. They fixed it in Solaris 9, and they will
supply the functional pam libraries on demand. The kerberos pam modules that
come with solaris 8 are flat out broken. And the open source version isn't
any better. I got a full environment working with the fixed one, and so far
so good.

Mathieu provided me with new pam modules and now everything works fine.

Regards,
        Tonny.
        
>>
>>Dear managers,
>>
>>I have configured Kerberos on my solaris 8 station. Everything works fine
>>exept for ONE thing:
>>
>>When I lock my station and type my password and if it's oke than it opens
>>my desktop. Now when I mistype my password (happens sometimes) than Kerberos
>>asks me to type it again, so far so good. But when I now type my password
>>again (correct this time) it opens my desktop and before I can do anything
>>it logs me off.
>>
>>Has anyone seen and corrected this behavioure?
>>
>>My /etc/pam.conf file looks like:
>>
>># All Rights Reserved.
>>#
>># PAM configuration
>>#
>># Authentication management
>>#
>>login auth sufficient /usr/lib/security/$ISA/pam_unix.so.1 debug
>>login auth optional /usr/lib/security/$ISA/pam_krb5.so.1 use_first_pass
debu
>>g
>>ktelnet auth required /usr/lib/security/$ISA/pam_krb5.so.1 acceptor debug
>>krlogin auth required /usr/lib/security/$ISA/pam_krb5.so.1 acceptor debug
>>krsh auth required /usr/lib/security/$ISA/pam_krb5.so.1 acceptor debug
>>other auth required /usr/lib/security/$ISA/pam_krb5.so.1 debug
>>#
>># Account management.
>>#
>>other account requisite /usr/lib/security/$ISA/pam_roles.so.1
>>other account required /usr/lib/security/$ISA/pam_unix.so.1
>>#
>># Session management.
>>#
>>other session required /usr/lib/security/$ISA/pam_unix.so.1
>>#
>># Password management.
>>#
>>other password required /usr/lib/security/$ISA/pam_krb5.so.1
>>#
>>
>>
>>Regards,
>>
>>Tonny Verberk.
>>NCR
>>Tel Nr : (+31 40 27)32071
>>E-mail : Tonny.Verberk@philips.com
>>----------------------------------

Regards,

Tonny Verberk.
NCR
Tel Nr : (+31 40 27)32071
E-mail : Tonny.Verberk@philips.com
----------------------------------
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: mr ayie: "rpc problem?"
• Previous message: Vincent Cojot: "SUMMARY: What is patch 109888-16?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:24:38 EDT