I appreciate your efforts. Its not only not obvious but also a complete surprise that all of a sudden all the remote clients (that were working) have all acted up, both Win server 2003, XP and linux
More importantly the obvious looping of the clients for any reason indicates a problem somewhere. Anything I can do?. The only thing I can think of is a keying and/or token problem that causes the looping, however it would be coincidental that 2 sites had the problem simultaneously.. /var/log/messages: Apr 23 13:41:37 geronimo syslog-ng[2299]: last message repeated 3316 times Apr 23 13:41:37 geronimo kernel: afs: Tokens for user of AFS id 1 for cell creedon.biz: rxkad error=19270407 rxkad error=19270407 Apr 23 13:41:37 geronimo kernel: afs: Tokens for user of AFS id 1 for cell creedon.biz: rxkad error=19270407 aklog -d -force creedon.biz Authenticating to cell creedon.biz (server geronimo.creedon.biz). Trying to authenticate to user's realm CREEDON.BIZ. Getting tickets: afs/[email protected] Using Kerberos V5 ticket natively About to resolve name admin to id in cell creedon.biz. Id 1 Set username to AFS ID 1 Setting tokens. AFS ID 1 / @ CREEDON.BIZ On Thu, Apr 23, 2009 at 11:28 AM, Jeffrey Altman < [email protected]> wrote: > Jeffrey Altman wrote: > > Ted Creedon wrote: > >> Upgraded XP to 1.5.59 > >> > >> XP afsd_service.exe takes 98% of the cpu ditto for any client linux box. > >> The XP and Linux clients are really not troubleshootable anymore due to > >> the hard resets required.. The XP and Linux clients did claim to get a > >> token, however. > >> > >> Both client and server work fine on geronimo. V 1.4.10 aklog gives the > >> same result on both ookpik - client and geronimo - server > >> > >> > >> aklog -d -force creedon.biz <http://creedon.biz> > >> Authenticating to cell creedon.biz <http://creedon.biz> (server > >> geronimo.creedon.biz <http://geronimo.creedon.biz>). > >> Trying to authenticate to user's realm CREEDON.BIZ <http://CREEDON.BIZ > >. > >> Getting tickets: afs/creedon.biz <http://creedon.biz>@CREEDON.BIZ > >> <http://CREEDON.BIZ> > >> Using Kerberos V5 ticket natively > >> About to resolve name admin to id in cell creedon.biz < > http://creedon.biz>. > >> Id 1 > >> Set username to AFS ID 1 > >> Setting tokens. AFS ID 1 / @ CREEDON.BIZ <http://CREEDON.BIZ> > >> > > > > This output is from Linux. You said you couldn't get tokens on XP. > > The output from Linux will not help diagnose a problem on XP. > > > > Does the CPU utilization drop if you discard your tokens with "unlog"? > > > > On XP: > > > > See if you can obtain a trace log. "fs trace -on", wait 5 seconds, "fs > > trace -dump -off". The trace log is %windir%\temp\afsd.log. > > If so, place it somewhere readable and post a link. > > > > If you cannot obtain a trace log. "fs minidump". The output will be > > in %windir%\temp\afsd.dmp. Again, place it somewhere readable and post > > a link. > > > > Jeffrey Altman > > I intentionally created an afs/c...@realm principal whose kvno does not > exist on the AFS servers. With 1.5.59 I am unable to reproduce the > problem. According to the trace output a RXKADUNKNOWNKEY error is > received from the file server. The STATUS_NO_KERB_KEY is then returned > to the SMB redirector which does not attempt to retry. > > Whatever you are experiencing is not obvious. > > Jeffrey Altman > > > > >
