[OpenAFS] Re: SuSe 9.0 &Heimdal.6

ted creedon tcreedon@easystreet.com
Tue, 23 Dec 2003 21:25:26 -0800

How does one verify the consistency of the AFS tokens/tickets vs KRB5?
Can one delete keys from the keyfiles and start anew?

Does this help at all:

shemya:/var/log/openafs # pts examine -nameorid afs -cell tedcell
pts: User or group doesn't exist so couldn't look up id for afs

shemya:/var/log/openafs # pts examine -nameorid admin -cell tedcell
Name: admin, id: 502, owner: system:administrators, creator: anonymous,
membership: 1, flags: S----, group quota: unlimited.

Pts listentries shows

Rebooted and bad ticket errors...sigh.

-----Original Message-----
From: openafs-info-admin@openafs.org =
On Behalf Of Derrick J Brashear
Sent: Tuesday, December 23, 2003 6:30 PM
To: openafs-info@openafs.org
Subject: RE: [OpenAFS] Re: SuSe 9.0 &Heimdal.6

On Tue, 23 Dec 2003, ted creedon wrote:

> Yes there is a syslog message:
> 'kernel: afs: Tokens for user of AFS id 0 for cell tedcell are
> discarded'(rxkad error=3D19270407)

suggests the afs key on the servers does not match that in the kdcs.

> 	add -r afs@TED.FAM
> 	del_enctype afs@TED.FAM des3-cbc-sha1
> 	ext_keytab  afs@TED.FAM

unsure what the point of the last command above is

> 	ext_keytab -k AFSFILE:/etc/openafs/server/KeyFile afs@TED.FAM

what does examine afs@TED.FAM show?
OpenAFS-info mailing list