[OpenAFS] More OpenAFS + Heimdal questions...
Derek Atkins
warlord@MIT.EDU
11 May 2001 22:54:35 -0400
You cannot use klog against a Heimdal KDC; klog only works against the
AFS KAServer. You have to use kinit and then aklog (or an equivalent
Kerberos ticket -> AFS token converter) to get AFS tokens from your
Kerberos tickets.
-derek
Eric Knudstrup <eric@knudstrup.org> writes:
> I have my Open AFS cell set up, and my Heimdal KDC can kinit me, but I have yet
> to be able to klog.
> Each time I try, I get an error like this:
>
> [root@taipienyi heimdal]# klog -principal eknuds -servers taipienyi
> Password:
> Unable to authenticate to AFS because password was incorrect.
>
> I am using the same password as I kinit with.
> The kdc log says this:
> 2001-05-11T19:10:27 Lookup eknuds@KNUDSTRUP.ORG succeeded
> 2001-05-11T19:10:27 Lookup krbtgt/KNUDSTRUP.ORG@KNUDSTRUP.ORG succeeded
> 2001-05-11T19:10:27 sending 32 bytes to IPv4:10.1.0.3
>
> here's my klist:
>
> [root@taipienyi heimdal]# klist -v -T
> Credentials cache: FILE:/tmp/krb5cc_0
> Principal: eknuds@KNUDSTRUP.ORG
> Cache version: 4
>
> Server: krbtgt/KNUDSTRUP.ORG@KNUDSTRUP.ORG
> Ticket etype: des-cbc-md5, kvno 1
> Auth time: May 11 19:09:02 2001
> End time: May 12 01:49:02 2001
> Renew till: May 18 19:09:02 2001
> Ticket flags: renewable, initial
> Addresses: IPv4:10.1.0.3
>
>
> v4-ticket file: /tmp/tkt0
> klist: No ticket file (tf_util)
>
> May 11 00:42:39 May 15 08:17:24 User's (AFS ID 1) tokens for knudstrup.org (1)
> [root@taipienyi heimdal]#
>
>
> So, what am I missing (I'm just barely starting to get a grasp on AFS).
>
> Thanks,
>
> Eric
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo.cgi/openafs-info
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available