Do you have a cross realm trust configured between AD and the MIT KDC? Have you configured the workstation to know about the MIT KDC using KSETUP?
Have you added both realms to the MIT krb5.ini file? Is there an appropriate domain/realm mapping in the MIT krb5.ini file to allow the realm of the cell's VLDB servers to be determined correctly? Is the afs/[EMAIL PROTECTED] principal in the MIT KDC configuration to only include the DES-CBC-CRC enctype? Note: MIT KFW is not used to obtain Kerberos 4 tickets with OAFW. It only obtains Kerberos 5 tickets. Please read afs-install-notes.txt. Jeffrey Altman Lars Schimmer wrote: > Hi! > > I'm kinda stuck. > I setup a new AD (domain) with a Windows 2003 server, I setup a new > windowsXP SP2 client, I use a extern kerberos5 MIT server, I setup a > user in kerberos5, AFS and the AD with the same pwd. > On the client I installed krb5, OpenAFS 1.4RC1 and I try the obtain > ticket/token automatic on login. > If I login as user, I obtain my ticket with no problem > ([EMAIL PROTECTED]). But there is no Kerberos 4 ticket and NO AFS > token obtained automatic :-( > If I destroy that ticket I obtained automatic and get a new ticket for > my user with the same password as login, I obtain ticket and token at once. > Any hint, anything I missed? > > Cya > Lars _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
begin:vcard fn:Jeffrey Altman n:Altman;Jeffrey org:Secure Endpoints Inc. adr:;;255 W 94TH ST PHB;NEW YORK;NY;10025;United States email;internet:[EMAIL PROTECTED] title:President tel;work:+1 212 769-9018 x-mozilla-html:TRUE url:http://www.secure-endpoints.com version:2.1 end:vcard
smime.p7s
Description: S/MIME Cryptographic Signature
