[OpenAFS] differences between aklog on Windows and Unix?
Adam Megacz
megacz@cs.berkeley.edu
Wed, 25 Jan 2006 22:19:01 -0800
Hrm, I'm seeing different behavior from the same aklog (OpenAFS
1.4.1-rc5) on Windows versus Unix (MacOS+Linux) regarding locating
KDC's using DNS entries.
Using totally uncustomized krb5.conf's on all machines, I can do this
on Linux and MacOS:
kinit megacz@EECS.BERKELEY.EDU
aklog -c research.cs.berkeley.edu
However, on Windows, it seems that aklog can't properly figure out
that research.cs.berkeley.edu is its own kerberos realm (the
_kerberos.research.cs.berkeley.edu TXT record exists, but is not being
used):
> kinit megacz@EECS.BERKELEY.EDU
Password for megacz@EECS.BERKELEY.EDU:
> aklog -d -c research.cs.berkeley.edu
Authenticating to cell research.cs.berkeley.edu.
Getting v5 tickets: afs/research.cs.berkeley.edu@CS.BERKELEY.EDU
Getting v5 tickets: afs@CS.BERKELEY.EDU
Kerberos error code returned by get_cred: -1765328377
aklog.exe: Couldn't get research.cs.berkeley.edu AFS tickets:
Any ideas? My ultimate goal is to be able to do this without users
having to edit their krb5.conf's.
- a
--
PGP/GPG: 5C9F F366 C9CF 2145 E770 B1B8 EFB1 462D A146 C380