Linux & AD mixted authentication issue

Jean-Luc Chandezon Fri, 24 Apr 2020 18:42:43 -0700

Hello,
I configure AD authentication (I followed 
https://wiki.debian.org/AuthenticatingL ... eDirectory), and it works fine.
I added AD group to debian sudoers, no problem. @mydomain.ad is the default 
suffix for login. USers does not need to put this.


My issue:
Even locally I can not open session aymore, as root, or as local unix user. Is 
it possible?

Here are krb5.conf:
-----------------------------------------------------------
logging]
Default = FILE:/var/log/krb5.log

[libdefaults]
ticket_lifetime = 24000
click-skew = 300
default_realm = MYDOMAIN.AD

# The following krb5.conf variables are only for MIT Kerberos.
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
[realms]
MYDOMAIN.AD = {
kdc = mydomain.ad:88
admin_server = mydomain.ad:464
default_domain = mydomain.ad
}

[domain_realm]
.mydomain.ad = MYDOMAIN.AD
mydomain.ad = MYDOMAIN.AD
-----------------------------------------------------------

Thanks

Jean-Luc

Linux & AD mixted authentication issue

Reply via email to