You can still add the afs/[EMAIL PROTECTED] and use the OpenAFS and KfW in parrallel with the gsslog and or ak5log that you already have. The trick is to make sure each of these keys has a different kvno, so they can all be added to the OpenAFS KeyFile. This is because the KeyFile today is not a keytab file and has only keys and kvnos, and no principal names.
Thanks Doug. That is very useful information to know.
It turns out that ASU's problem is not related to this. Going back to their earliest reports, the problem is an "Insufficient Resource" error
in the Windows CIFS client when attempting to contact the \\AFS CIFS Server.
They are having trouble on machines which are part of the AD domain but which are using the MIT realm's principal to perform login. Since this setup is used regularly at MIT and I have a similar setup here on my private LAN I am sure the problem is something peculiar to their configuration (perhaps group policies). For starters it is going to be necessary to figure out exactly which resource the Windows thinks it is unable to obtain.
Back to our regularly scheduled programming.
Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
