[OpenAFS] Problem with pam on debian with 1.3.81 kernel 2.6.11

[Christian Ospelkaus]

> I setup pam conf on debian sarge like it was written here:
> http://mailman.mit.edu/pipermail/kerberos/2004-October/006601.html
>
> And tried to login and get my tokens.
>
> I can login, but can't get any tickets. I hace to call kinit manually to
> get a ticket and after that aklog to obtain a token.
> Has anyone a working conf on debian sarge for me?

With pam_krb5afs.so:

/etc/pam.d/common-auth:
auth       sufficient   pam_krb5afs.so
auth       required     pam_unix.so use_first_pass

/etc/pam.d/common-session:
session    optional     pam_krb5afs.so
session    required     pam_unix.so

/etc/pam.d/kscreensaver:
auth    sufficient      pam_krb5afs.so ignore_root force_creds refresh_creds
auth    required        pam_unix.so     shadow  try_first_pass

in /etc/krb5.conf:
[....]
[appdefaults]
  pam = {
    ticket_lifetime = 86400
  }

Regards,

Christian