Josh == Josh Huber [EMAIL PROTECTED] writes:
Josh Now, I looked at the release notes for OpenAFS 1.2.7, and it
Josh didn't mention anything like this feature -- what verison of
Josh OpenAFS supports this new token format?
Someone had to come first in supporting this feature and
Quoth [EMAIL PROTECTED] (Sam Hartman):
| Josh == Josh Huber [EMAIL PROTECTED] writes:
...
| Josh I like the thought of more integration of AFS and krb5.
|
| Not surprisingly those of us who worked on this proposal had similar
| motivations.
Excellent. I'm encouraged enough by all this to
Hornstein [EMAIL PROTECTED]
To: Cesar Garcia [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Friday, October 18, 2002 5:53 AM
Subject: Re: afs-krb5 integration
There is also a bug in krb524d that does not set the kvno on the
returned V4 ticket. Here's a patch:
Interesting ... so what triggers
Klaas == Klaas Hagemann [EMAIL PROTECTED] writes:
Klaas Hi, concerning the documentation, i have to add an pam_afs
Klaas entry in the appdefaults-section of the krb5.conf file
Klaas (src/krb524d/README). My Question: Do i only have to
Klaas change the krb5.conf on the servers
We haven't had problems with it. We've only recently started rolling
out OpenAFS.
Klaas == Klaas Hagemann [EMAIL PROTECTED] writes:
Klaas Hi Cesar, thanks for your quick help. I supposed, i woould
Klaas have searched a long time for this bug. But with your
Klaas patch, the krb524d works
Hi,
i have strange problems in integrating openafs into krb5.
I use openafs 1.2.7 and kerberos 1.2.6 for the slave-server and 1.2.4 for
the kerberos master/admin server.
I checked everything with these key-versions (thanks to Derek on the openafs
mailing lis), but it did not help.
I always get
i have strange problems in integrating openafs into krb5.
I use openafs 1.2.7 and kerberos 1.2.6 for the slave-server and 1.2.4 for
the kerberos master/admin server.
I checked everything with these key-versions (thanks to Derek on the openafs
mailing lis), but it did not help.
I always get ticket
There is also a bug in krb524d that does not set the kvno on the
returned V4 ticket. Here's a patch:
$ diff -c krb524d.c.orig krb524d.c
*** krb524d.c.orig Thu Oct 17 13:37:30 2002
--- krb524d.c Thu Oct 17 13:39:55 2002
***
*** 412,418
memset (key, 0, sizeof
At the end of the day, there is a ticket in a Keyfile that does not agree
with the service ticket stored in your KDC. This is the ONLY possible
cause of this error (at least, the only one I've ever seen).
That is not the problem i meant.
It works fine with my krb5-1.2.4 kerberos master
Ken == Ken Hornstein [EMAIL PROTECTED] writes:
i have strange problems in integrating openafs into krb5. I
use openafs 1.2.7 and kerberos 1.2.6 for the slave-server and
1.2.4 for the kerberos master/admin server. I checked
everything with these key-versions (thanks to Derek
There is also a bug in krb524d that does not set the kvno on the
returned V4 ticket. Here's a patch:
Interesting ... so what triggers this? I mean, it seems to work in
normal circumstances ...
--Ken
Kerberos mailing list [EMAIL
Not sure - I'm not exactly an AFS subject matter expert and I haven't
seen the AFS code that implements the key retrieval (from KeyFile)
and token validation.
When I first started looking at MIT's krb524, this was the first problem
we saw. [the 524 client setting the lifetimes incorrectly was the
12 matches
Mail list logo