Turbo Fredriksson wrote:
I setting up AFS (v1.4.2) on Ubuntu with a Win2k3 AD. I/We have no admin rights on the AD unfortunatly, and the AFS principal we was given is in the form:
The AD admin can create the AFS account with any name they want, but the ServicePrincipalName assigned to must be, as Jeff said, afs@<REALM>, or more commonly afs/<cellname>@<REALM> Since the <cellname> is usually based on a DNS name, it should be globally unique, so your AD admins should not have a problem with using the SPN of afs/[EMAIL PROTECTED]
<city>_afs/EU<city><srv_nr>@<REALM> My cell is named: europe.ad.<domain>
The account name (ktpass -mapuser) could be city_afs and the SPN=afs/europe.ad.<domain>@<DOMAIN>
where ´<domain>´ and ´<REALM>´ is the same (just different case as it should). Is there any way to make sure aklog gets the correct host token with this setup?! _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
-- Douglas E. Engert <[EMAIL PROTECTED]> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
