[OpenAFS] Client looks for a machine-afs kerberos host key

Jerome Walter walter+openafs@efrei.fr
Fri, 8 Aug 2003 10:21:20 +0200 

On Thu, Aug 07, 2003 at 11:34:29AM -0500, Douglas E. Engert wrote:
> 
> 
> Jerome Walter wrote:
> > 
> > Hi,
> > 
> > I just started again trying to get my afs clients to work under windows with a
> > MIT Kerberos KDC.
> 
> You are using K4 protocal, I assume, as you said you are using afscreds.exe  

Yes, i had to open K4 to get this to work. By the way, i would like to disable
K4, but never found the way to do it.

For the moment, the K5 authentication on the Windows 2k is done by the
Microsoft process and no MIT libraries are installed. If i get a way to
install MIT (assuming i am out of the US) and keep the trusted authentication
process, i would be the happiest guy on earth.

Is there so a way to get my openafs client to use K5 only tickets ? What is
the config ? i must have missed a thing, because my AFS-K5 config works
perfectly well on Linux, but Windows and Solaris are quite annoying me.
 
> > This time, it is a few better, but nothing wonderful. First of all, i only get
> > access to my AFS files if i am not authenticated. When authenticating, i
> > manage to get the credentials with afscreds.exe. But when i get these
> > credentials, the share does not work anymore :
> >  - first i kepp the access to files in cache, but it breaks quickly.
> >  - when trying to get access to any file not in cache, i get an error telling
> >    that afs server does not respond or is in process of being started.
> > 
> >    Do you know from where can come this problem of credentials ?
> 
> Sounds like the token you have obtained is encrypted in a key that is not
> in the AFS KeyFile, or the keys don't match.

That's an idea. If only i knew where to file the info on the key used...

> I was running into similiar behavior when testing the msklog program.
> 
> There is a way to use rxdebug to see the error number on a connection.
> I just don't recall. 

Too bad...

[snip]

Jerome Walter

-- 
-+--   Jérôme Walter - 	I2 EFREI		          ----+-
 Equipe Système - Efrei Robotique - Jap'Efrei - Erasmus Tutors
 "The World is my country" - "Nihon no tomodachi desu"
EFREI System and Networking guide http://perso.efrei.fr/~walter/