Solutions RE: [OpenAFS-devel] gssklog on soalris 9
Rong,Yongjun(CS)
rong@cs.ttu.edu
Tue, 8 Jun 2004 15:20:20 -0500
Thanks for you all information and response.
I have got it works with root and non-root on solaris 9 box which run MIT
kinit.
I found that gssklog use /etc/krb5/krb5.conf. It cannot use /etc/krb5.conf
which s used by MIT kinit. The problem here is because I put some extra
config in the /etc/krb5/krb5.conf as below:
[appdefaults]
afs_krb5 = {
CS.TTU.EDU = {
afs = false
afs/cs.ttu.edu = false
}
}
After I removed this config section, it works for root and non-root in
sloaris 9 box.
I think this config is only used by krb524. For gssklog, we don't need the
above config.
Thanks again for every one.
rong
-----Original Message-----
From: openafs-devel-admin@openafs.org
[mailto:openafs-devel-admin@openafs.org]On Behalf Of Derek Atkins
Sent: Tuesday, June 08, 2004 2:11 PM
To: Rong,Yongjun(CS)
Cc: Jeffrey Hutzelman; Douglas E. Engert; openafs-devel@openafs.org
Subject: Re: [OpenAFS-devel] gssklog on soalris 9
"Rong,Yongjun(CS)" <rong@redwood.cs.ttu.edu> writes:
> Ok, Here I got more information.
> We have SEAM and MIT kerberos install in one soalris 9 box. When I user
SEAM
> kinit to get my krbtgt. gssklog can work with this tickets. But if I use
MIT
> kinit to get the krgbtgt, gssklog cannot get tokens and get errors as
below:
What do you get from "klist -e" from the various tools? It could be
an enctype problem. What kind of KDC are you using? For example, I
dont think SEAM supports 3DES.
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available
_______________________________________________
OpenAFS-devel mailing list
OpenAFS-devel@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-devel