Hi All
I have a MS Active Directory (HHK.DK) that allmost all user are created
in. I have a MIT Kerberos (CBS.DK) that I have some other users in.
There is a two-way trust between them and I know that it works.
I have a user [EMAIL PROTECTED] in the MIT Kerberos and a user
[EMAIL PROTECTED] in MS AD. The OpenAFS afs/sugi.cbs.dk token is in MIT
Kerberos. Using my [EMAIL PROTECTED] I can access my home dir in AFS, but
when using [EMAIL PROTECTED] it fails on aklog.
Is this possible ?
/Mikkel
-----------------
[EMAIL PROTECTED] ~]$ kinit [EMAIL PROTECTED]
Password for [EMAIL PROTECTED]:
[EMAIL PROTECTED] ~]$ klist
Ticket cache: FILE:/tmp/krb5cc_500
Default principal: [EMAIL PROTECTED]
Valid starting Expires Service principal
08/01/07 13:32:26 08/01/07 23:32:29 krbtgt/[EMAIL PROTECTED]
renew until 08/02/07 13:32:26
Kerberos 4 ticket cache: /tmp/tkt500
klist: You have no tickets cached
----------------
[EMAIL PROTECTED] ~]$ aklog
aklog: Unknown code PT 8 so unable to create remote PTS user
[EMAIL PROTECTED] in cell cbs.dk (status: 267272).
---------------
[EMAIL PROTECTED] ~]$ klist -e -f
Ticket cache: FILE:/tmp/krb5cc_500
Default principal: [EMAIL PROTECTED]
Valid starting Expires Service principal
08/01/07 13:32:26 08/01/07 23:32:29 krbtgt/[EMAIL PROTECTED]
renew until 08/02/07 13:32:26, Flags: FRIA
Etype (skey, tkt): ArcFour with HMAC/md5, ArcFour with HMAC/md5
08/01/07 13:32:32 08/01/07 23:32:29 krbtgt/[EMAIL PROTECTED]
renew until 08/02/07 13:32:26, Flags: FRAO
Etype (skey, tkt): DES cbc mode with CRC-32, DES cbc mode with
RSA-MD5
08/01/07 13:32:32 08/01/07 23:32:29 afs/[EMAIL PROTECTED]
renew until 08/01/07 13:32:32, Flags: FRAT
Etype (skey, tkt): DES cbc mode with CRC-32, DES cbc mode with
CRC-32
Kerberos 4 ticket cache: /tmp/tkt500
klist: You have no tickets cached
-------------
Mikkel Kruse Johnsen
Copenhagen Business School
Solbjergplads
2100 Frederiksberg
Mikkel Kruse Johnsen
Linet
Ørholmgade 6 st tv
2200 København N
Tlf: +45 2128 7793
email: [EMAIL PROTECTED]
www: http://www.linet.dk
