Finally i get logged in as user, but without any credentials, the NIM picture for the user shows all grey not green. Doing an aklog -d then seems to be to late, as it yields
Authenticating to cell test.rl aklog.exe: Couldn't determine realm of user: no credentials cache found. On Sun, 18 Nov 2012, Jeffrey Altman wrote: > -1765328164 = Cannot resolve network address for KDC in requested realm > > aklog -d will tell you what realm is being queried. > > On 11/18/2012 4:22 AM, R. Laatsch wrote: >> Dear all, >> there is a problem with Integrated Login here. >> >> This is my setup: >> Server: 'slinux.localdomain' (SL58) with AFS cell test.rl and krb5kdc for >> realm TEST2.RL >> (not the standard name). >> The Afs version is openafs-1.6.1, the krb5 version is krb5-1.10.3 . >> The kdc has entries for the user and afs/test.rl (DES type). >> >> Client: Windows-7 (VirtualBox) with AFS, KfW, NIM installed. Realm set to >> TEST2.RL >> The KfW version is MIT 3.2.2 >> >> Login to the Client gives an 'unknown RPC error (-1765328164)' and no AFS >> token. >> Doing manually 'gssklog.exe' (with password), i do get a token. >> But there seems to be no 'gssklog Auth Provider' for NIM, that could help >> circumvent the >> 'wrong realm name' problems. >> On the linux server after kinit user, aklog -d gets me a working token. >> >> The realm name was chosen to check out problems under Windows. >> I do *NOT* want CrossRealm Authentication. >> >> Any help in this matter would be greatly appreciated. >> >> Somewhere I found 'linked cells' mentioned (double named cells in >> CellServDB), but no hints >> to do it correctly. Did someone use this to bypass above problem? >> >> Best regards >> Rainer >> ________________________________________________ >> Kerberos mailing list [email protected] >> https://mailman.mit.edu/mailman/listinfo/kerberos >> > > ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
