Hmm... What do you mean by 'local authorization
sufficient' ?
What I noticed was in /var/log/krb5kdc.log is that it
was reporting a lot
of root@REALM principal
was missing in the database so I added the
root principal and that
appeared to make the log a bit more quieter
but
the su root problem still
remains.
I am guessing that somewhere I will need to allow user
root access with
kerberos as the googles mentioned it for kerberos IV
(kdb_edit) but does
not say anything about kerberos 5 so I am assuming that
kdb_edit is
depreciated and something else takes it's
place?
Another person who responded asked me to check
/etc/pam.d/su but
I cannot tell what I am supposed to look at. I
will need to check to see
if kerberos entries needs to be in there since I
was some instructions
from http://www.ofb.net/~jheiss/krbldap/howto.html mentions
to add
kerberos support to /etc/pam/system-auth but
nothing about /etc/pam.d/su ...
Any pointers, links, howtos, or whatever is
appreciated!
Thanks!
Dan
-- |
