[OpenAFS] KDC differences between Windows 2000 and 2003?
Andrew Leahy
aleahy@knox.edu
Fri, 20 Aug 2004 11:42:28 -0500
Hello,
We run a small AFS domain where our AFS principal afs/knox.edu@KNOX.EDU
is held by a Windows kerberos server which is out of our control. The
AFS domain is used primarily during the academic year and when I
recently went to grab something out of AFS space, I found that it simply
wasn't working any longer:
[root@leibniz root]# kinit aleahy@KNOX.EDU
Password for aleahy@KNOX.EDU:
[root@leibniz root]# aklog -d
Authenticating to cell knox.edu (server leibniz.lab.knet.edu).
We've deduced that we need to authenticate to realm KNOX.EDU.
Getting tickets: afs/knox.edu@KNOX.EDU
Kerberos error code returned by get_cred: -1765328154
aklog: Couldn't get knox.edu AFS tickets:
aklog: unknown RPC error (-1765328154) while getting AFS tickets
As I've stumbled around with this, it appears the afs principal isn't
where it should be:
[root@leibniz root]# kinit -k -t /etc/krb5.keytab afs/knox.edu@KNOX.EDU
kinit(v5): Cannot find KDC for requested realm while getting initial
credentials
I don't think I've made any modifications to our server in the interim,
and the only variable on the Windows server end is that they've upgraded
from Windows 2000 to Windows Server 2003. Am I barking up the wrong tree?
Thanks for your assistance.
Andrew Leahy
---
[This E-mail scanned for viruses by Declude Virus]