[OpenAFS] Moving Kerberos
James D. Nurmi
jnurmi-openafs-info@qwe.cc
Tue, 25 Feb 2003 12:05:42 -0500
the krb5.conf is correctly stating that the kdc & adminserver are the
newly CNamed kerberos1 machine... Kinit works, aklog works. klist lists
out the new ticket, tokens claims to have tokens... However if I try to
enter a section on /afs that requires anything above system:anyuser
(from any client machine) gets:
afs: Tokens for user of AFS id 2 for cell econ.vt.edu are discarded
(rxkad error=19270408)
Interestingly, klog fails, and AFS for windows says Authentication
Server cannot be found...
Still toying with it though... I'll let you know if i get any
breakthroughs....
Derek Atkins wrote:
>Set your krb.conf/krb5.conf to point to the new KDC.
>
>Or do you mean you're actually using "klog"???
>
>-derek
>
>"James D. Nurmi" <jnurmi-openafs-info@qwe.cc> writes:
>
>
>
>>I've been attempting of late to rotate some of the functionality of
>>our servers to accomodate a new machine... In the process, I would
>>like to move kerberos off of one of our AFS machines onto its own box.
>>I got the KDC moved as well as possible, and all services work
>>normally, except for AFS... Is there a way to tell AFS where to look
>>for the kerberos server? or does it /have/ to be on the ptServer?
>>
>>James Nurmi
>>
>>
>>_______________________________________________
>>OpenAFS-info mailing list
>>OpenAFS-info@openafs.org
>>https://lists.openafs.org/mailman/listinfo/openafs-info
>>
>>
>
>
>