[OpenAFS] pam errors login... win2003AD krb5 server

Lars Schimmer l.schimmer@cgv.tugraz.at
Fri, 08 Jun 2007 09:27:22 +0200


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi!

Sorry to bother you again, but I was to optimistic.
Debian etch system,
libpam-krb5: 2.6-1
libpam-openafs-session: 1.0-7
openafs-krb5: 1.4.2-6
openafs-client: 1.4.2-6

I changed krb5 server from MIT to Win 2003 AD (on another PC).
So I only changed the name of the krb5 server in the krb5.conf and reboot=
ed.
LogIn as root and kinit user /aklog obtained me tickets/tokens.
Login via gdm/pam doesn=B4t do well (it works with MIT krb5 server, not
with Win2003AD). Syslog tells me this:

Jun  8 09:30:01 testpc CRON[5056]: (pam_krb5): none: pam_sm_acct_mgmt:
entry (0x8000)
Jun  8 09:30:01 testpc CRON[5056]: (pam_krb5): none: skipping
non-Kerberos login
Jun  8 09:30:01 testpc CRON[5056]: (pam_krb5): none: pam_sm_acct_mgmt:
exit (success)
Jun  8 09:30:01 testpc CRON[5056]: (pam_krb5): none: pam_sm_setcred:
entry (0x2)
Jun  8 09:30:01 testpc CRON[5056]: (pam_krb5): none: no context found,
creating one
Jun  8 09:30:01 testpc CRON[5056]: (pam_krb5): none: ignoring root user
Jun  8 09:30:01 testpc CRON[5056]: (pam_krb5): none: pam_sm_setcred:
exit (success)
Jun  8 09:30:01 testpc CRON[5056]: pam_openafs-krb5: open_session: Could
not find Kerberos tickets; not running aklog
Jun  8 09:30:01 testpc CRON[5056]: (pam_krb5): none: pam_sm_setcred:
entry (0x8002)
Jun  8 09:30:01 testpc CRON[5056]: (pam_krb5): none: no context found,
creating one
Jun  8 09:30:01 testpc CRON[5056]: (pam_krb5): none: ignoring root user
Jun  8 09:30:01 testpc CRON[5056]: (pam_krb5): none: pam_sm_setcred:
exit (success)
Jun  8 09:30:01 testpc CRON[5056]: (pam_krb5): none: pam_sm_setcred:
entry (0x8004)
Jun  8 09:30:01 testpc CRON[5056]: (pam_krb5): none: pam_sm_setcred:
exit (success)
Jun  8 09:30:01 testpc CRON[5056]: pam_openafs-krb5: pam_close_session:
Aklog never run so not running unlog

Config error?

MfG,
Lars Schimmer
- --
- -------------------------------------------------------------
TU Graz, Institut f=FCr ComputerGraphik & WissensVisualisierung
Tel: +43 316 873-5405       E-Mail: l.schimmer@cgv.tugraz.at
Fax: +43 316 873-5402       PGP-Key-ID: 0x4A9B1723
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGaQTamWhuE0qbFyMRAkmcAKCKEQNGYuEAlOKpablrs07M3ZsaMACfVCes
RF64eHGF4NSNs78FcNKjxp4=3D
=3DYp/6
-----END PGP SIGNATURE-----