-   Linux - Networking (
-   - fails to retreive ticket (

nilecirb 07-30-2005 12:06 AM fails to retreive ticket
Currently I am setting up a group of Linux machines, and I have successfully configured Samba and PAM to authenticate users that login to Linux against the Windows Active Directory of users. Furthermore, Kerberos works to the extent that I can kinit, successfully retrieve a ticket, and smbmount with it. I discovered that typing in the password twice (once for login, another to kinit) became tedious after constant use. However, I just recently discovered that there was a module named that supposedly could retrieve a ticket on login. No matter how I tried configuring it, it would not work properly.

The following is /etc/pam.d/login (sans header):

auth        required      /lib/security/
auth        sufficient    /lib/security/
auth        sufficient    /lib/security/ likeauth nullok use_first_pass
auth        required      /lib/security/
auth            required      /lib/security/ use_first_pass creds

account    sufficient    /lib/security/
account    required      /lib/security/

password    required      /lib/security/ retry=3
password    sufficient    /lib/security/ nullok use_authtok md5 shadow
password    required      /lib/security/

session    required      /lib/security/ skel=/etc/skel/ umask=0077
session    required      /lib/security/
session    required      /lib/security/

I'm not positive if this is relevant to this module, but when a user logs in, the username format is in DOMAIN+username. However, for kinit to work, the username must be username@DOMAIN.TLD. Would I need additional tweaking to get to work?

For those that have experience with this module, am I correct in assuming that it does in fact retrieve a ticket on login? Any help would be greatly appreciated. Thanks in advance.

All times are GMT -5. The time now is 06:32 PM.