[Freeipa-users] Windows XP Client problem

Dmitri Pal dpal at redhat.com
Fri Jan 25 00:05:57 UTC 2013 

On 01/24/2013 04:36 PM, Eric Chennells wrote:
> Hi Christian / Dmitri,
>
> Yes I have confirmed in the KDC logs that when I attempt to login that the
> kerberos server is recognizing the request and issuing a ticket.
>
> Is anyone aware of if there is an LDAP related configuration needed? It
> seems like only setting up the kerberos authentication is not enough.


Have you compared the name of the local user you created on the windows
system to the name of the IPA user you are using?
Do they match?

>
> Eric
>
>
> On 2013-01-23 11:10 PM, "Christian Horn" <chorn at fluxcoil.net> wrote:
>
> >Hi,
> >
> >On Wed, Jan 23, 2013 at 02:50:06PM -0800, Eric Chennells wrote:
> >>
> >> I have followed the instuctions of these two guides:
> >>
> >>http://docs.fedoraproject.org/en-US/Fedora/15/html/FreeIPA_Guide/Using_Mi
> >>cro
> >> soft_Windows.html
> >> http://freeipa.org/page/Windows_authentication_against_FreeIPA
> >>
> >> Kerberos is working, because I can do a kinit username and properly
> >>receive
> >> a krbtgt principle.
> >>
> >> However on login I get the error "The system could not log you on".
> >>
> >> For the map user step I did "ksetup /mapuser * *" and have a local user
> >> created with the same username as the IPA user.
> >>
> >> Is there a step I am missing? I feel as though I am close because
> >>kerberos
> >> is working.
> >
> >Looking at the KDC logs when you try to login might bring a pointer,
> >no idea apart from that..
> >
> >Christian
> >
> >_______________________________________________
> >Freeipa-users mailing list
> >Freeipa-users at redhat.com
> >https://www.redhat.com/mailman/listinfo/freeipa-users
>
>
>
> Notice of Confidentiality: The information transmitted is intended
> only for the
> person or entity to which it is addressed and may contain confidential
> and/or
> privileged material. Any review, re-transmission, dissemination or
> other use of
> or taking of any action in reliance upon this information by persons
> or entities
> other than the intended recipient is prohibited. If you received this
> in error
> please contact the sender immediately by return electronic
> transmission and then
> immediately delete this transmission including all attachments without
> copying,
> distributing or disclosing the same.
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20130124/97cf90ea/attachment.htm>

More information about the Freeipa-users mailing list