Immediate logout after login with PAM, Kerberos, and LDAP

Posted by Dylan Klomparens on Server Fault
Published on 2012-10-09T15:12:39Z Indexed on 2012/10/11 15:39 UTC

I've set up remote login on a computer using Kerberos and LDAP. I've also configured NFS to mount onto /home so that the user's home directory is the same wherever they log in.

Kerberos authentication seems to work fine. I can get a ticket using kinit user1 (assuming user1 is a remote user) and see the ticket with klist.

I'm pretty sure LDAP is working because I see the proper output from getent passwd, which lists all the remote users.

The contents of /home are present when I list the files.

The problem is: when I try to log in as a remote user, the session is immediately ended. Why is it not letting me stay logged in? Here is the output from /var/log/messages after a login attempt:

# /var/log/messages:
Oct  9 10:57:53 tophat login[6472]: pam_krb5[6472]: authentication succeeds for 'user1' ([email protected])
Oct  9 10:57:53 tophat login[6472]: pam_krb5[6472]: pam_setcred (establish credential) called
Oct  9 10:57:53 tophat login[6472]: pam_krb5[6472]: pam_setcred (delete credential) called

EDIT:

The distro is openSUSE. Here are the common-* files in /etc/pam.d:

# /etc/pam.d/common-account
account required        pam_unix.so

# /etc/pam.d/common-auth
auth    sufficient      pam_krb5.so minimum_uid=1000
auth    required        pam_unix.so nullok_secure try_first_pass

# /etc/pam.d/common-session
session optional        pam_umask.so umask=002
session sufficient      pam_krb5.so minimum_uid=1000
session required        pam_unix.so

There doesn't appear to be a /var/log/auth.log file nor a /var/log/secure file.
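
As an aid to reading the three stacks quoted above, the following added example (not part of the original post) models how Linux-PAM walks a stack of simple control keywords and reports which modules are reached. It assumes only `required`, `requisite`, `sufficient` and `optional` are in use, ignores bracketed controls and include lines, and takes module outcomes as inputs; the function names are hypothetical.

```python
# Added example (not from the original post): simplified model of Linux-PAM
# control keywords, applied to the common-* stacks quoted in the question.
STACKS = {
    "account": "account required        pam_unix.so",
    "auth": (
        "auth    sufficient      pam_krb5.so minimum_uid=1000\n"
        "auth    required        pam_unix.so nullok_secure try_first_pass"
    ),
    "session": (
        "session optional        pam_umask.so umask=002\n"
        "session sufficient      pam_krb5.so minimum_uid=1000\n"
        "session required        pam_unix.so"
    ),
}


def parse(text):
    """Return (control, module) pairs; blank lines and comments are skipped."""
    entries = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 3:
            entries.append((fields[1], fields[2]))
    return entries


def evaluate(entries, results):
    """Walk one stack; results maps module name -> True/False (default True).

    Returns (stack_succeeds, modules_called).
    """
    called, failed, granted = [], False, False
    for control, module in entries:
        ok = results.get(module, True)
        called.append(module)
        if control in ("required", "requisite"):
            if ok:
                granted = True
            else:
                failed = True
                if control == "requisite":
                    break  # requisite failure ends the stack at once
        elif ok and not failed:  # sufficient/optional failures are ignored
            granted = True
            if control == "sufficient":
                break  # sufficient success ends the stack at once
    return granted and not failed, called


if __name__ == "__main__":
    for name, text in STACKS.items():
        print(name, evaluate(parse(text), {}))
```

With every module succeeding, the session stack ends at `pam_krb5.so` and `pam_unix.so` is never called; the account stack consults `pam_unix.so` only.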
