[OpenAFS] Problems with OpenAFS Fileserver.../ Kerberos5 Problem
Lars Schimmer
schimmer@cg.cs.tu-bs.de
Thu, 17 Mar 2005 21:03:23 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jeffrey Altman schrieb:
| Lars Schimmer wrote:
|
|> If there are two entrys in the keyfile, one from old kaserver and one
|> from Kerberos5 server, and the krb5 hat kvno of 1, the kaserver a kvno
|> of 0, is it possible for all clients (linux and windows) to get tokens
|> via kaserv? The new kerberos server isn´t in their (clients) CellServDB
|> yet.
|
|
| Windows clients use MIT KFW for Kerberos 5 support. The locations of
| KDCs are determined either from the krb5.ini file or DNS SRV records.
| CellServDB is not used for token acquisition when Kerberos 5 support
| is being used.
Thx for fast answer, but I meant the other way round.
If the KDC is up and running and the old kaserver are still up running,
and the windows clients has only the "old" kaserver in their CellServDB
and the have no kerberos on their system, can the windows clients still
logon AFS and get tokens via kaserv?
I mean, with now 2 entrys in the keyfile, can the servers select the
right one out for Windows AFS clients without kerberos?
| Jeffrey Altman
Cya
Lars
- --
- -----------------------------------------------------------------
Technische Universität Braunschweig, Institut für Computergraphik
Tel.: +49 531 391-2109 E-Mail: schimmer@cg.cs.tu-bs.de
PGP-Key-ID: 0xB87A0E03
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)
iD8DBQFCOeKLVguzrLh6DgMRAvyBAJ4v3m3yyM2TYdG3ilA8h2AVvztGUgCcDSfs
6cYA3ydmPE4hT8zs92KzIBM=
=siiB
-----END PGP SIGNATURE-----