On Wed, 12 Apr 2006, O Plameras wrote:
Do you have any actual users in your AFS cell yet? Or did you just set it
up with kaserver for testing purposes?
I have only half-dozen users. Yes, I created new principals in the k5 DB and
reset afs key.
Ok. For such a small number of users, don't bother with afs2k5db. It is
not necessary. (you just have to manually reset each user's password,
that's all)
Did you create a new 'afs' principal in the K5 database?
Yes, I did. This is how I did it.
#kadmin.local -e des-cbc-crc:v4 <<EOF
addprinc -randkey afs/example.com.ex
ktadd -k KeyFile afs/example.com.ex
I assume 'KeyFile' here is just a temp file, not the actual AFS keyfile,
right?
quit
EOF
#set `klist -k KeyFile | tail -1`
#asetkey add $1 KeyFile afs/example.com.ex
Does regular file access work in AFS? (can you create files, get tokens
and read things, etc)
The problem is after this I can't
#vos listvol toshiba.example.com.ex
Something else is wrong.
Did you update the AFS KeyFile on all of your servers and restart all the
server processes?
In the AFS_K5_NAME_CHANGE it says to the effect that
I have to run afs2k5db
No, that should not be necessary in your case.
OK, I got this. I am able to create principals in K5 to aklog successfully.
The problem after this
is I can't do AFS maintenance commands like #vos listvol <server>, etc.
I don't believe 'vos listvol' requires any special privileges.
Again, can you even access files after aklog?
I have about 500Gbytes and for this reason I can't reset my DB.
You don't need to change anything in ptserver after switching to krb5.
Don't try afs2k5db for now; something else must be broken.
-Chris Wing
[EMAIL PROTECTED]
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
