[OpenAFS] Re: Cron Jobs for "Regular" Users
Holger Rauch
holger.rauch@empic.de
Thu, 28 Jan 2010 12:35:03 +0100
--HcAYCG3uE/tztfnV
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hi Thomas,
On Wed, 27 Jan 2010, Thomas Kula wrote:
> [...]=20
> It very well could be. If the kvno (which is listed in the klist
> output) doesn't match kvno in the database (what is displayed with
> getprinc in kadmin) then you won't be able to authenticate with
> that keytab.=20
I just did a "getprinc <princ_name>" and it told me that the user
actually had *two* different (meaning different encryption types)
keys. Does that imply I would also have to add *both* keys from within
ktutil for the newly generated keytab file?
I created two different keytab files each having one of those keys.
Nevertheless, I still got the same error:
kinit(v5): Key table entry not found while getting initial credentials
I should perhaps also point out that I have no default_tgs_enctypes
and no default_tkt_enctypes options in my [libdefaults] section in my
/etc/krb5.conf (on a Debian Lenny system with MIT Kerberos from Debian
packages).
Thanks & kind regards,
Holger
=20
Thanks & kind regards,
Holger
--HcAYCG3uE/tztfnV
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkthdmcACgkQbiVtWpZdKQJ5LQCdER7CUbPjmx9wF76uVueR+VfW
VisAn2gaCmKdgKleygoqktKD8cuKOcbE
=Wi9q
-----END PGP SIGNATURE-----
--HcAYCG3uE/tztfnV--