[OpenAFS] krb5-Problems

Klaas Hagemann kerberos@northsailor.de
Thu, 17 Oct 2002 11:06:59 +0200


Hi,

i have strange problems with the krb5-integration.
Here is what i did:
on my kdc (mit 1.2.6) :
kadmin.local -e des-cbc-crc:v4
ank -randkey afs/mydomain.de
ktadd -k afskeytab afs/mydomain.de

then on my system control machine:
asetkey add <kvno> afskeytab afs/mydomain.de
I watched carefully for the key version number, this one is correct.

I can do an kinit and aklog
aklog -d does not show any errors, i get an afs-token successfully.

But when i do "vos listvldb" for examle, I get
"Could not access the VLDB for attributes
rxk: ticket contained unknown key version number"
although my user is in the user-list.

When i want to access the afs-filespace i get:
"ct 17 09:08:41 installed kernel: afs: Tokens for user of AFS id 2 for cell
mydomain.de are discarded (rxkad error=19270408)"

When i want to list the keys using "bos listkeys localhost" i get:
"bos: ticket contained unknown key version number error encountered while
listing keys"

On the other hand, it works fine with the -localauth-function:
# bos listkeys localhost -localauth
# key 3 has cksum 260487344
# Keys last changed on Thu Oct 17 10:56:43 2002.

There has been such a problem before on this list, but i could not figure
out the solution.
Any help is welcome.

Klaas