Linux & AD mixted authentication issue

Jean-Luc C. Fri, 24 Apr 2020 14:16:40 -0700

Hello,

I configure AD authentication (I followed
https://wiki.debian.org/AuthenticatingL ... eDirectory), and it works fine.


I added AD group to debian sudoers, no problem. @mydomain.ad is the default
suffix for login. USers does not need to put this.



My issue:

Even locally I can not open session aymore, as root, or as local unix user.
Is it possible?



Here are krb5.conf:

-----------------------------------------------------------

logging]

Default = FILE:/var/log/krb5.log



[libdefaults]

ticket_lifetime = 24000

click-skew = 300

default_realm = MYDOMAIN.AD



# The following krb5.conf variables are only for MIT Kerberos.

kdc_timesync = 1

ccache_type = 4

forwardable = true

proxiable = true

[realms]

MYDOMAIN.AD = {

kdc = mydomain.ad:88

admin_server = mydomain.ad:464

default_domain = mydomain.ad

}



[domain_realm]

.mydomain.ad = MYDOMAIN.AD

mydomain.ad = MYDOMAIN.AD

-----------------------------------------------------------



Thanks



Jean-Luc

Linux & AD mixted authentication issue

Reply via email to