>Ken I have followed your directions as usual and gave the afs key the >principal "afs". Although I did make a afs/umiacs.umd.edu principal as >well. There doesn't seem to be a switch for just trying krb5 in aklog >or is that choice made for you?
_assuming_ you're using the aklog from the 1.4 distribution, by default it will try V5. You can use the -524 switch to attempt to use the 524 converter service. If for some reason you don't have a -524 switch, then you're not using the right aklog (check the usage message from aklog ... if you don't see -524, then it's the wrong one). >[EMAIL PROTECTED] afs]# aklog >aklog: Couldn't get umiacs.umd.edu AFS tickets: >aklog: unknown RPC error (-1765328228) while getting AFS tickets Sigh. Sometimes the whole com_err mess makes me want to scream. % grep -- -1765328228 /usr/krb5/include/krb5.h #define KRB5_KDC_UNREACH (-1765328228L) Which either means you couldn't find the KDC (which is unlikely, since you have a service ticket below), or you couldn't talk to the 524 service ... which would imply that you're using the old aklog. >[EMAIL PROTECTED] afs]# rpm -qf /usr/bin/aklog >openafs-krb5-1.4.0-rhel4.1 Note that I personally have nothing to do with the RPM distribution. I would assume that they got the aklog from OpenAFS, but I have no idea. Actually ... looking at the sources, I _helpfully_ put a debug message in the -d output which indicates if you're using V5 natively or the 524 converter. I did that during the aklog integration into OpenAFS. Since that message doesn't appear when you use -d, I am thinking that the RPM you're using includes an old aklog. You should talk to whoever put that RPM together and ask them where that aklog came from. Like I said ... that's not my department. --Ken _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
