Jason C. Wells <[EMAIL PROTECTED]> wrote: > I am able to get an krb5 ticket for afs, but for some strange reason > aklog won't get a token for me. > > I use heimdal on FreeBSD 6.3 and openafs 1.2.8 on Redhat 8. I am not > running a kaserver. > > From the command line: > > [EMAIL PROTECTED] stradamotorsports.com]$ kinit > Password for [EMAIL PROTECTED]: > > [EMAIL PROTECTED] stradamotorsports.com]$ aklog -d > Authenticating to cell stradamotorsports.com (server > s3.stradamotorsports.com). > We've deduced that we need to authenticate to realm > STRADAMOTORSPORTS.COM. Getting tickets: > afs/[EMAIL PROTECTED] Kerberos error code > returned by get_cred: -1765328228 > aklog: Couldn't get stradamotorsports.com AFS tickets: > aklog: Cannot contact any KDC for requested realm while getting AFS > tickets
The error indicates a Kerberos problem, not an AFS problem. Where did you get aklog from? openafs 1.2.8 does not have an aklog binary and I suspect your aklog is trying to contact a krb524d process on the KDC (runs on port 4444 udp) and is probably failing thus rendering you unable to obtain tokens. Either upgrade to a newer openafs version or obtain an aklog that has native Kerberos 5 support and does not need a krb524d service running. (You could also enable krb524d on the KDC, but I would not suggest that.) <<CDC _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
