Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
icon8.gif   kerberos authentication NOT working, posted by Fabio Sella on Wed Oct 30 17:57:38 2013 
    icon2.gif   Re: kerberos authentication NOT working, posted by Hal Proctor on Fri Nov 1 14:14:03 2013 
       icon2.gif   Re: kerberos authentication NOT working, posted by Andreas Luedeke on Mon Nov 4 15:07:40 2013 
          icon2.gif   Re: kerberos authentication NOT working, posted by Olaf Kasten on Wed Nov 13 16:26:32 2013 
Message ID: 67597     Entry time: Mon Nov 4 15:07:40 2013     In reply to: 67595     Reply to this: 67611
Icon: Reply  Author: Andreas Luedeke  Author Email: andreas.luedeke@psi.ch 
Category: Question  OS: Linux  ELOG Version: 2.9.2-1 
Subject: Re: kerberos authentication NOT working 

Hal Proctor wrote:

Fabio Sella wrote:

Hi guys,

we configured a kdc server using OPENLDAP as backend. We installed on it elog and configured the Kerberos Authentication on one logbook as follows:

Authentication = Kerberos, File
Kerberos Realm = TEST.COM
Password file = ./pwd.xml

 
Detect language » Italian
 

 

Even if the kinit comand is retrieving correctly a ticket for the user tsearch@TEST.COM(we see it using klist and tcpdump on lo interface), elogd kerberos authentication is not working.

We tried using tcpdump for troubleshooting but no traffic is generated on the loopback interface.

Did someone solve this problem or do you have an idea on how to make the kerberos authentication working?

Thanks

 I have asked for same help, and no one has answered with a solution on implementing a kerberos .  I saw exactly what you were seeing. (did you try fully qualifying the domain within the username field for logon?  \\TEST.COM\username)

I still couldn't get it to work

 Just my two cent:
- did you edit the Makefile to compile elogd with kerberos (USE_KRB5   = 1)?
- did you look into the elogd logfile for error messages at start-up or at login time?
I can only say that I got it working right away - that is the case when you learn least.
Maybe you should post your specific software versions: operating system (in my case Scientific Linux 5.1 (Boron)), Kerberos version (klist -V), etc.
 
English (auto-detected) » English
 
ELOG V3.1.5-3fb85fa6