[OpenAFS] Multiple Unneeded TGS_REQs

Jason C. Wells jcw@highperformance.net
Fri, 28 Nov 2003 11:48:09 -0800 (PST) 

I have OpenAFS for Windows 1.2.10.  I am using ms2mit, k524init, and aklog
from MIT KfW 2.5.  I run a script after windows login to get all my
tickets.  I do not run kaserver on my linux AFS server.  I do not use the
Windows client to obtain afs tickets.  I have disabled AFS integreated
login.  My windows 2000 client machine authenticates to my MIT KDC.
Everything seems to function correctly.  I do have one annoyance.

The problem is that something (AFS?) is kicking off 5 TGS_REQs, every
three minutes.  Coincidentally(?), my AFS login retry time setting is 180
seconds.  I have the integrated login disabled, but it seems to be
re-trying anyway.

I do not have a host named w13-AFS on my network so I do not have a host
principle named w13-AFS in my Kerberos database.  I can understand why the
request is failing.  I do not understand why the request is being made in
the first place.

Why is my client trying to get a ticket for HOST/w13-AFS?  How can I
prevent this?  Is windows causing this or is the AFS client causing this?

I am suspicious that the 180 second retry is a red herring causing me to
think that this is an AFS problem, rather than a Windows problem.  My
first instinct is ABMS, Always Blame Microsoft.

Thanks,
Jason C. Wells

Here is one such offending TGS_REQ

KDC:
Nov 28 11:09:24 s2.stradamotorsports.com krb5kdc[56463](info): TGS_REQ (7
etypes {23 -133 -128 3 1 24 -135}) 192.168.1.13: UNKNOWN_SERVER: authtime
1070045150, jcw@STRADAMOTORSPORTS.COM for HOST/w13-AFS@STRADAMOTORSPORTS.COM,
 Server not found in Kerberos database

Windows Event Viewer:
The function InitializeSecurityContext received a Kerberos Error Message:
         on logon session
 Client Time: 22:4:23.0000 6/29/1988 Z
 Server Time: 19:9:24.0000 11/28/2003 (null)
 Error Code: 0x7  KDC_ERR_S_PRINCIPAL_UNKNOWN
 Client Realm: STRADAMOTORSPORTS.COM
 Client Name: jcw
 Server Realm: STRADAMOTORSPORTS.COM
 Server Name: HOST/w13-AFS
 Target Name: HOST/w13-AFS@STRADAMOTORSPORTS.COM
 Error Text: UNKNOWN_SERVER
 File:
 Line:
 Error Data is in record data.