[OpenAFS] Cross Realm Kerberos+AFS
Derek Atkins
warlord@MIT.EDU
Tue, 18 May 2004 15:46:24 -0400
Jeffrey Altman <jaltman@columbia.edu> writes:
> Derek Atkins wrote:
>
>> Huh? Since when do you need a capaths to accept directly-shared cross
>> realm keys?
>
> You shouldn't, but that is what the KDC Policy error usually means.
Couldn't it also be an improper flag setting on the afs key? For
example if it's not set to accept tgs requests couldn't it also
throw this error?
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available