Operating System - Linux
1748136 Members
3526 Online
108758 Solutions
New Discussion юеВ

LDAP and Kerberos configuration on Red Hat Linux 4.

 
IT_2007
Honored Contributor

LDAP and Kerberos configuration on Red Hat Linux 4.

Trying to setup ldap and kerbores configuration on new Linux server. I have 6 Linux servers already configured and running with ldap and kerbores.

created krb5.keytab file at AD level and copied to /etc/krb5.keytab. also copied ldap.conf, krb5.conf files from other working Linux servers. Still I am not able to login using ldap. Getting following messages in /var/log/messages.

Mar 8 09:21:58 linux100 sshd[3346]: pam_krb5[3346]: authentication fails for 'jont' (jont@company.com): Authen
tication failure (Preauthentication failed)
Mar 8 09:38:40 grrapiap130 sshd(pam_unix)[3376]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=hecnu615
145j.comapny.com user=jont
Mar 8 09:38:40 grrapiap130 sshd[3376]: pam_krb5[3376]: authentication fails for 'jont' (jont@company.com): Authen
tication failure (Preauthentication failed)



what elseis missing??

thanks.
4 REPLIES 4
Ivan Ferreira
Honored Contributor

Re: LDAP and Kerberos configuration on Red Hat Linux 4.

When you menthion ldap.conf, did you include:

/etc/ldap.conf
/etc/openldap/ldap.conf

Also, certificates "if any" included in the /etc/openldap directory.

Your pam and nsswitch configuration also must be copied:

/etc/nsswitch.conf
/etc/pam.d/system-auth-ac
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
IT_2007
Honored Contributor

Re: LDAP and Kerberos configuration on Red Hat Linux 4.

even tried configure using authconfig utility and didn't work either way.
Ivan Ferreira
Honored Contributor

Re: LDAP and Kerberos configuration on Red Hat Linux 4.

Check:

- Time sincrhotization (Use NTP)
- DNS configuration.


Do you see the user jont (and the list of all users) when you run:

getent passwd

For more information see:

http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/ref-guide/s1-kerberos-clients.html
http://www.microsoft.com/technet/prodtechnol/windows2000serv/howto/kerbstep.mspx
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Ivan Ferreira
Honored Contributor

Re: LDAP and Kerberos configuration on Red Hat Linux 4.

Another thing to check is the /etc/ldap.secret file. You should copy this file if exists.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?