System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

LDAP and Kerberos configuration on Red Hat Linux 4.

 
Highlighted
Honored Contributor

LDAP and Kerberos configuration on Red Hat Linux 4.

Trying to setup ldap and kerbores configuration on new Linux server. I have 6 Linux servers already configured and running with ldap and kerbores.

created krb5.keytab file at AD level and copied to /etc/krb5.keytab. also copied ldap.conf, krb5.conf files from other working Linux servers. Still I am not able to login using ldap. Getting following messages in /var/log/messages.

Mar 8 09:21:58 linux100 sshd[3346]: pam_krb5[3346]: authentication fails for 'jont' (jont@company.com): Authen
tication failure (Preauthentication failed)
Mar 8 09:38:40 grrapiap130 sshd(pam_unix)[3376]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=hecnu615
145j.comapny.com user=jont
Mar 8 09:38:40 grrapiap130 sshd[3376]: pam_krb5[3376]: authentication fails for 'jont' (jont@company.com): Authen
tication failure (Preauthentication failed)



what elseis missing??

thanks.
4 REPLIES 4
Highlighted
Honored Contributor

Re: LDAP and Kerberos configuration on Red Hat Linux 4.

When you menthion ldap.conf, did you include:

/etc/ldap.conf
/etc/openldap/ldap.conf

Also, certificates "if any" included in the /etc/openldap directory.

Your pam and nsswitch configuration also must be copied:

/etc/nsswitch.conf
/etc/pam.d/system-auth-ac
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Highlighted
Honored Contributor

Re: LDAP and Kerberos configuration on Red Hat Linux 4.

even tried configure using authconfig utility and didn't work either way.
Highlighted
Honored Contributor

Re: LDAP and Kerberos configuration on Red Hat Linux 4.

Check:

- Time sincrhotization (Use NTP)
- DNS configuration.


Do you see the user jont (and the list of all users) when you run:

getent passwd

For more information see:

http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/ref-guide/s1-kerberos-clients.html
http://www.microsoft.com/technet/prodtechnol/windows2000serv/howto/kerbstep.mspx
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Highlighted
Honored Contributor

Re: LDAP and Kerberos configuration on Red Hat Linux 4.

Another thing to check is the /etc/ldap.secret file. You should copy this file if exists.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?