[OpenAFS] Re: SuSe 9.0 &Heimdal.6
ted creedon
tcreedon@easystreet.com
Tue, 23 Dec 2003 21:25:26 -0800
How does one verify the consistency of the AFS tokens/tickets vs KRB5?
Can one delete keys from the keyfiles and start anew?
Does this help at all:
shemya:/var/log/openafs # pts examine -nameorid afs -cell tedcell
pts: User or group doesn't exist so couldn't look up id for afs
shemya:/var/log/openafs # pts examine -nameorid admin -cell tedcell
Name: admin, id: 502, owner: system:administrators, creator: anonymous,
membership: 1, flags: S----, group quota: unlimited.
Pts listentries shows
anonymous...
admin...
Rebooted and bad ticket errors...sigh.
Ted
-----Original Message-----
From: openafs-info-admin@openafs.org =
[mailto:openafs-info-admin@openafs.org]
On Behalf Of Derrick J Brashear
Sent: Tuesday, December 23, 2003 6:30 PM
To: openafs-info@openafs.org
Subject: RE: [OpenAFS] Re: SuSe 9.0 &Heimdal.6
On Tue, 23 Dec 2003, ted creedon wrote:
> Yes there is a syslog message:
>
> 'kernel: afs: Tokens for user of AFS id 0 for cell tedcell are
> discarded'(rxkad error=3D19270407)
suggests the afs key on the servers does not match that in the kdcs.
> add -r afs@TED.FAM
> del_enctype afs@TED.FAM des3-cbc-sha1
> ext_keytab afs@TED.FAM
unsure what the point of the last command above is
> ext_keytab -k AFSFILE:/etc/openafs/server/KeyFile afs@TED.FAM
what does examine afs@TED.FAM show?
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info