Le samedi 24 janvier 2015 à 20:40 -0500, Benjamin Kaduk a écrit :
On Fri, 23 Jan 2015, Yvan Masson wrote:
Le jeudi 22 janvier 2015 à 19:34 -0500, Jason Edgecombe a écrit :
On 01/22/2015 12:53 PM, Yvan Masson wrote:
Thanks for your fast answers.
Le mardi 20 janvier 2015 à 20:37
Dear all,
I've got a working setup for single cell/single realm OpenAFS and
kerberos for cell a.com/realm A.COM.
klist -e -f
Ticket cache: FILE:/tmp/krb5cc_606_c9Pb3J
Default principal: vglau...@a.com
Valid starting Expires Service principal
27.01.2015 14:15:17
In order for user@B to obtain afs/cellname@A there must be a cross-realm
relationship between A and B.
The other way to obtain a token for cellname is to add a service
principal afs/cellname@B to realm B and then export the key and add it
in addition to the key from afs/cellname@A to the
* Yvan Masson [2015-01-27 09:48:46 +0100]:
Yes, pam_afs_session is in some pam files : common-auth, common-session
and common-session-noninteractive. These files are attached. Indeed, I
suppose something is wrong here.
I don't see anything obviously amiss, but these files don't tell the whole
On 1/27/2015 9:44 AM, Volkmar Glauche wrote:
[deleted]
Now, I would like to be able to use tickets from kerberos realm B.COM to
get OpenAFS tokens in cell a.com. I can neither add any principals to
realm B.COM nor implement a full cross-realm trust relationship.
In order for user@B to obtain