Hi
We have a setup on 50+ servers that works fine. I have duplicated the setup to a number of new servers and "some" of them have big issues authenticating against AD.
If I log in as a local user, then I can log in OK, albeit slowly.
If I ssh directly from my PC and log in as the AD USER, it takes ages and eventually times out.
I see this issue:
As soon as I hit enter after typing the password, this appears in the secure log:
Quote:
su: pam_unix(su-l:auth): authentication failure; logname=root uid=999 euid=0 tty=pts/0 ruser=LOCALUSER rhost= user=AD.USER
OR pam_unix(sshd:auth) for ssh from PC
This appears for both ssh from PC and su from another local account.
So as I mentioned, the ssh from PC times out.
But the su - from a local account is successful, and this is what gets logged:
Quote:
May 29 12:36:11 HOSTNAME su: pam_krb5[5383]: error reading keytab 'FILE:/etc/krb5.keytab'
May 29 12:36:41 HOSTNAME su: pam_krb5[5383]: TGT verified
May 29 12:36:41 HOSTNAME su: pam_krb5[5383]: authentication succeeds for 'AD.USER' (AD.USER@AD.DOMAIN)
May 29 12:36:41 HOSTNAME su: pam_unix(su-l:session): session opened for user AD.USER by root(uid=999)
The timestamp for the error reading keytab is 95 seconds after the pam auth error.
I have other servers that also give the auth - authentication error, but they drop to the krb5 part straight away (without the 95 second delay) and AD users can log in fine.
So, question is - where is the delay coming from?