[OpenAFS] Strange Problems with AFS, Kerberos on AIX 4.3.3.

M. Jamal Green mgreen@odu.edu
03 Jul 2003 16:32:26 -0400


Hey all,

I'm struggling with a strange issue with AFS and Kerberos V
authentication on our AIX 4.3.3 server. I've searched all over but I
have yet to come across a solution.

Our fledgling AFS Cell KDC is a Redhat 7.3 server using Kerberos 5 ..no
4 authentication allowed (just in case this is a problem)

- the AIX krb5 client is installed.Here are the contents when I check
uing lslpp...

krb5.client.rte          1.2.0.1    C    Network Authentication Service
krb5.client.samples      1.2.0.1    C    Network Authentication Service
krb5.doc.en_US.html      1.2.0.1    C    Network Auth Service HTML
krb5.doc.en_US.pdf       1.2.0.1    C    Network Auth Service PDF
krb5.toolkit.adt         1.2.0.1    C    Network Authentication Service

This seems to be the lastest/greatest packages.. 

I was told I needed the AFS Migration Kit to get a working aklog for
AIX. I downloaded the afs-krb5-2.0 kit along with MIT's Kerberos V
version 1.2.8. With a little work, I got the migration kit to
complile... but here's where the strangeness and the problems begin..

When I use the AIX provided kinit to get a valid ticket...that works
fine.. when I try to use aklog I get this error message..

aklog: Couldn't get <cell name> AFS tickets:
aklog: Invalid argument while getting AFS tickets

I do a kdestroy..and use MIT's kinit, that seems to work... but when I
type aklog.. my display freezes and I have to log in again. The
side-effect is that anyone else that logs into the server now gets my
credentials. 

What am I doing wrong?



-- 
M. Jamal Green
Old Dominion University
UNIX Systems Administrator
Office of Computing and Communications Services
Unix Support Group
[phone]:757-683-3678
[fax]:757-683-5155
[web]:http://www.lions.odu.edu