I read a fair amount of the functionality of ldap and krb5 and how they work in unison.

So in a nutshell. Krb5 do the authentication and ldap give the information and who can access what.

My question is more on troubleshooting. I encounter the following situation and I want to deduce the meaning of it.

1) Ldap working , Krb5 not working: Was able to ssh.

2) Ldap working, krb5 not working: Wasn't able to ssh

3) Ldap not working, krb5 working: able to ssh

4) ldap not working. krb5 working: wasn't able to ssh.

I've encounter the four situation countless of times and i am confused. My assumption is, as long as krb5 is not working I shouldn't be able to ssh unless; I create an account locally in the machine which I didn't.