-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jeffrey Altman wrote: > Lars Schimmer wrote: > >> Ok, tested it on my laptop with OpenAFS 1.5.20 and MIT KFW Netwwork >> identity Manager 1.2.0.2 >> I destroyed all my tokens/tickets, changed the krb5.cond file from MIT >> server to Win2003 AD server and tried to obtain tokens. >> OK, I obtained a token as a user and as a administrator (I need to bind >> administrator to admin account). >> But as soon as I tried to access the openafs filespace in which I need >> the token, token was destroyed and gone. >> Changed krb5.conf back to MIT krb5 server and it works like a charm. >> I still miss something... > > More than likely the AFS key is wrong. Wrong kvno, wrong enctype, wrong > something. > > Use trace logging to examine the error code returned by the file server > that is causing the token to be discarded.
Thanks for the hint. The Linux system gave the error in logfile: Jun 8 15:47:06 testpc kernel: afs: Tokens for user of AFS id 1005 for cell cgv.tugraz.at are discarded (rxkad error=19270407) A google told me wronkg kvno :-( Although I ktpass with kvno 4 and imported it as kvno 4... Lets try it again. I just "bos restart -all" the afs server. Was that OK or do I need to restart the linux system at all? > Jeffrey Altman > Secure Endpoints Inc. > > MfG, Lars Schimmer - -- - ------------------------------------------------------------- TU Graz, Institut für ComputerGraphik & WissensVisualisierung Tel: +43 316 873-5405 E-Mail: [EMAIL PROTECTED] Fax: +43 316 873-5402 PGP-Key-ID: 0x4A9B1723 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGaV3LmWhuE0qbFyMRArwsAJ90mJu+yJwytA9gkg9vgGT2OHKX2wCeNOBd pGXZs2cVGG7yyyZVajgO9bk= =5f6T -----END PGP SIGNATURE----- _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
