[OpenAFS] unable to authenticate to openafs via aklog
Ken Hornstein
kenh@cmf.nrl.navy.mil
Mon, 07 Jul 2003 12:39:06 -0400
>So i think there should be another error elsewhere or i
>missunderstood some (most) of the docs.
So, somedays I think I've seen every Kerberos error that someone would
reasonably get ... and then you see a new one :-)
>krb524d[14741]: No dictionary file specified, continuing without one.
>krb524d[14741]: service entry `krb524' not found, using 4444
These are benign; they're not your problem.
>BTW: krb524init also said "Improper format of translation database
>entry converting to V4 credentials".
So, this error has the symbolic name KRB5_LNAME_BADFORMAT. It actually
isn't returned from the krb524 code; it comes from the krb5 library in
the principal name conversion routines and from the aname_to_lname routines.
I am guessing that it's not a aname_to_lname problem, so your problem is
very likely in the function krb5_524_conv_principal().
What exactly is the name of the AFS service principal you're trying to
acquire? It looks like from the code that there might be a problem
with the name (badly formatted or too long). As a last resort, build
krb524d with full debugging and run it under gdb.
--Ken