Re: [OpenAFS] client unable to access afs-cell after update to 1.4.1

[Ulrich Eck]

Hi Derek, thanks for your help, i exportet the key to the keytab again - but didn't distritute that key to the afs-servers. the original problem was caused by using a wrong cell-name on  one of the clients (which did work somehow before i upgraded to 1.4.1) now it's working again like a charm :-) cheers Ulrich Am 01.06.2006 um 02:55 schrieb Derek Atkins: The 1.4.x aklog should first try afs/[EMAIL PROTECTED] and if that fails it should fallback and try [EMAIL PROTECTED]  Right now you're running with two different keys, so that's part of your problem. -derek Ulrich Eck <[EMAIL PROTECTED]> writes: hi there, we have a small AFS-Cell using MIT-KRB5+524d on several debian/linux machines. after upgrading one of the openafs-clients (debian) to v1.4.1 + new kernel-modules we're not able to access the afs-cell from this system. there seems to be a difference between v1.3.81 (used on our fileservers/other clients) and  the new v1.4.1 in respect to what service-ticket aklog requests. on a working machine it requests a service-ticket for [EMAIL PROTECTED] with the new version it requests afs/[EMAIL PROTECTED]. i tried to create a principal afs/[EMAIL PROTECTED] in our kdc - but i didn't have success as the kvno of the newly created principal does not match the server-config. i get this error-message in the syslog of the client:  kernel: afs: Tokens for user of AFS id XXX for cell cellname are discarded (rxkad error=19270408) ~$ translate_et 19270408 19270408 (rxk).8 = ticket contained unknown key version number so my question(s): is it possible to tell aklog to behave like it did before the upgrade (ergo request the [EMAIL PROTECTED] ticket) ? if not: can i tell the afs-cell to accept more than one service-ticket ([EMAIL PROTECTED] and afs/[EMAIL PROTECTED]) and if yes - how would i do so ? thanks in advance for any suggestions/help cheers Ulrich --  net-labs Systemhaus GmbH Ebersberger Str. 46 85570 Markt Schwaben fon +49 8121 4747 0 fax +49 8121 4747 77 email: [EMAIL PROTECTED] _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info --         Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory        Member, MIT Student Information Processing Board  (SIPB)        URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH        [EMAIL PROTECTED]                        PGP key available Ulrich Eck net-labs Systemhaus GmbH Geschäftsleitung Ebersberger Str. 46 85570 Markt Schwaben Tel:  08121/4747-0 Fax: 08121/4747-77 Email: [EMAIL PROTECTED]