[OpenAFS] Re: Integrated Login problem

Jeffrey Altman jaltman@your-file-system.com
Sun, 18 Nov 2012 18:11:38 -0500

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

-1765328164 =3D Cannot resolve network address for KDC in requested realm=

aklog -d will tell you what realm is being queried.

On 11/18/2012 4:22 AM, R. Laatsch wrote:
> Dear all,
> there is a problem with Integrated Login here.
> This is my setup:
> Server: 'slinux.localdomain' (SL58) with AFS cell test.rl and krb5kdc f=
or realm TEST2.RL
> (not the standard name).
> The Afs version is openafs-1.6.1, the krb5 version is krb5-1.10.3 .
> The kdc has entries for the user and afs/test.rl (DES type).
> Client: Windows-7 (VirtualBox) with AFS, KfW, NIM installed. Realm set =
> The KfW version is MIT 3.2.2
> Login to the Client gives an 'unknown RPC error (-1765328164)' and no A=
FS token.
> Doing manually 'gssklog.exe' (with password), i do get a token.
> But there seems to be no 'gssklog Auth Provider' for NIM, that could he=
lp circumvent the=20
> 'wrong realm name' problems.
> On the linux server after kinit user, aklog -d gets me a working token.=
> The realm name was chosen to check out problems under Windows.
> I do *NOT* want CrossRealm Authentication.
> Any help in this matter would be greatly appreciated.
> Somewhere I found 'linked cells' mentioned (double named cells in CellS=
ervDB), but no hints
> to do it correctly. Did someone use this to bypass above problem?
> Best regards
> Rainer
> ________________________________________________
> Kerberos mailing list           Kerberos@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos

Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

Version: GnuPG v1.4.9 (MingW32)