different outcome w/ 7.1.0 but no tokens from eiher afslog or aklog (still 
carps about 
/run/user/0/krb5cc/tkt", O_RDONLY) = -1 ENOENT)

ookpik:/data1/openafs-1.8.0pre1 # kinit -afslog admin
ad...@creedon.biz's Password:
ookpik:/data1/openafs-1.8.0pre1 # klist -AT
Credentials cache: FILE:/tmp/krb5cc_0
        Principal: ad...@creedon.biz

  Issued                Expires               Principal
Dec 22 15:33:01 2016  Jun 23 07:32:57 2017  krbtgt/creedon....@creedon.biz
Dec 22 15:33:01 2016  Jun 23 07:32:57 2017  afs/creedon....@creedon.biz



Dec 22 15:33:01 201  Jun 23 07:32:57 201  Tokens for creedon.biz


##################
aklog
aklog: Couldn't determine realm of user:aklog: unknown RPC error (-1765328189)  
while getting realm
#####
open("/run/user/0/krb5cc/tkt", O_RDONLY) = -1 ENOENT (No such file or directory)

________________________________________
From: Benjamin Kaduk <ka...@mit.edu>
Sent: Thursday, December 22, 2016 12:31:50 PM
To: Ted Creedon
Cc: Michael Meffie; openafs-info@openafs.org
Subject: Re: [OpenAFS] Re: aklog carps  Couldn't determine realm of user

On Thu, Dec 22, 2016 at 07:50:02PM +0000, Ted Creedon wrote:
> Yes it should but it doesn't. See the conundrum in kadmin->get krbgtkt ?
> I.e how can Principal: krbtgt/creedon....@creedon.biz have a ticket if it was 
> never loggged in?

It doesn't have a ticket; ad...@creedon.biz has a ticket.
The ticket that ad...@creedon.biz has is a ticket-granting ticket, i.e., the 
service
principal it is for is krbtgt/creedon....@creedon.biz.

-Ben
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Reply via email to