[Samba] kinit username@REALM
Gerald (Jerry) Carter
jerry at samba.org
Mon Sep 6 11:21:50 GMT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Joseph wrote:
| Do I need to do the command "kinit username at REALM"
| every single time I boot up my system?
|
| Also, why does the kinit "username" not accept the
| winbind separator "+"? For example: "kinit
| domain+user at REALM" instead of just "user at REALM".
The domain is implied by the REALM. The domain is just
a backwards compatible means in AD domains to specify the realm
for NTLM authentication.
| I have my system setup to login via gdm with my domain
| user account (which uses the winbind separator "domain+user"),
| so why can't kinit login at that time? This would make it
| seamless, instead of having to open a command line each time
| the system boots and manually running the kinit command.
You should probably look at the pam_krb5 module instead
of pam_winbind if you want to deal with krb5 tickets.
See the 'creds' pam_krb5 option for maintaining the ticket
cache.
cheers, jerry
- ---------------------------------------------------------------------
Alleviating the pain of Windows(tm) ------- http://www.samba.org
GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFBPEhOIR7qMdg1EfYRAurYAJ9lQNl2FYWsymBVhXxqVdvAMkDBiwCg5cJK
0qVTinfo7Z6r3Q6/1pJWrDQ=
=bYIW
-----END PGP SIGNATURE-----
More information about the samba
mailing list