well clearly there it is asking for user info. Kerberos has nothing to do with user information at all, i.e. UID, GID, home directory, shell... only authentication. This data would generally come from ldap connectivity to AD, although other mechanisms are possible too. As such, Kerberos appears to be working just fine from that first log message.
Personally I'd never bother with krb5 auth, and just use ldap interfaces for both info and auth. Are you doing this via samba domain membership, or just direct krb5 config?
|