[Freeipa-users] Re: FreeIPA, kinit with OTP

Mon, 21 Feb 2022 22:42:42 -0800 

On 22.02.22 00:08, Angus Clarke wrote:

I was meant to have attached the script sorry!

Attached now.

Hope it helps
Angus
________________________________
From: Michael Schwartzkopff<[email protected]>
Sent: 21 February 2022 23:39
To: Angus Clarke<[email protected]>
Subject: Re: [Freeipa-users] Re: FreeIPA, kinit with OTP

On 21.02.22 21:34, Angus Clarke wrote:

Hi Michael

I wrote this a long time back and we use it extensively. It mentions:

     # requires krb5-pkinit (not installed on ipa client by default)

Otherwise something else is amiss I suppose.

Regards
Angus



after installation of the packet I can do a kinit -n and get the ANONYMOUS 
ticket.


But when I do a kinit with my user name I get:

$ kinit username
kinit: Pre-authentication failed: Invalid argument while getting initial 
credentials




Mit freundlichen Grüßen,

--

[*] sys4 AG

https://sys4.de<https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsys4.de%2F&data=04%7C01%7C%7Ce26d60a118df4bd6d88f08d9f58b1456%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637810799958978186%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=iRNzg3kkw6KOTBxNr%2BbtX6vxMWyx0Xy9wJ5qHhwk7ZQ%3D&reserved=0>,
 +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG,80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
Aufsichtsratsvorsitzender: Florian Kirstein



following the steps of the script I get one step further.

but still

$ kinit -T KCM:1286400012 username
Enter OTP Token Value:
kinit: Preauthentication failed while getting initial credentials

Are the any log files to check the auth process?



Mit freundlichen Grüßen,

--

[*] sys4 AG
https://sys4.de, +49 (89) 30 90 46 64 
Schleißheimer Straße 26/MG,80333 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 
Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
Aufsichtsratsvorsitzender: Florian Kirstein

_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Reply via email to