[Freeipa-users] FreeIPA 4.2.0 and Windows XP
Konstantin M. Khankin
khankin.konstantin at gmail.com
Wed Jul 6 17:50:47 UTC 2016
Hi!
I'm trying to set up Windows XP to get a Kerberos ticket for the user on
login using the following docs:
* http://www.freeipa.org/page/Windows_authentication_against_FreeIPA
*
http://www.freeipa.org/page/Implementing_FreeIPA_in_a_mixed_Environment_(Windows/Linux)_-_Step_by_step
* Discussion at
https://www.redhat.com/archives/freeipa-users/2008-November/msg00063.html
I can obtain kerberos ticket using kinit from JRE (for some reasons I can't
find other kinit in Windows), but I can't logon. I tried the following:
1) ksetup /mapuser * *
2) ksetup /mapuser * <someuser>
3) ksetup /mapuser user at DOMAIN user
4) logging not into Kerberos realm, but into local computer using
user at DOMAIN login
5) logging into Kerberos realm using "user" login
6) logging into Kerberos realm using user at DOMAIN login
With any of these I see successful attempts in krb5kdc.log (so the user
passes pre-auth against kdc), but Windows keep saying that the username or
password is not correct.
I also tried to reset user's password in freeipa and then login - windows
asked to change password and successfully changed it, but still doesn't let
the user in
I have no problems with this setup on 2 computers with Windows 7. Haven't
tried other computers running Windows XP though
What am I doing wrong?
Thanks!
--
Konstantin Khankin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160706/179181cb/attachment.htm>
More information about the Freeipa-users
mailing list