[OpenAFS] Trouble with AFS aklog - unable to obtain tokens - unknown cell passed to SetToken

Matt Weatherford mbw@u.washington.edu
Wed, 15 Oct 2003 10:40:16 -0700 

Greetings,

Im working with Debian/Woody and AFS 1.2.9, MIT Kerberos

Ive recently set up a kerb 5 domain server (kdc1) with a 524 daemon
and im now trying to set up an afs server (ali)

When I run aklog, I get an error: unable to obtain tokens

ali:/etc/openafs# kinit root/admin
Password for root/admin@REALM.YADDA.WASHINGTON.EDU:
ali:/etc/openafs#
ali:/etc/openafs#
ali:/etc/openafs# aklog yadda -k REALM.YADDA.WASHINGTON.EDU -d
Authenticating to cell YADDA (server ali.yadda.washington.edu).
We were told to authenticate to realm REALM.YADDA.WASHINGTON.EDU.
Getting tickets: afs/YADDA@REALM.YADDA.WASHINGTON.EDU
About to resolve name root.admin to id in cell YADDA.
Id 1
Set username to AFS ID 1
Setting tokens. AFS ID 1 /  @ REALM.YADDA.WASHINGTON.EDU
aklog: unable to obtain tokens for cell YADDA (status: unknown cell was 
passed to SetToken).
ali:/etc/openafs#


Here is my Kerberos Server log:

Oct 15 10:05:40 kdc1.yadda.washington.edu krb5kdc[163](info): AS_REQ (2 
etypes {16 1}) 128.208.105.84(88): NEEDED_PREAUTH: 
root/admin@REALM.YADDA.WASHINGTON.EDU for 
krbtgt/REALM.YADDA.WASHINGTON.EDU@REALM.YADDA.WASHINGTON.EDU, Additional 
pre-authentication required

Oct 15 10:05:44 kdc1.yadda.washington.edu krb5kdc[163](info): AS_REQ (2 
etypes {16 1}) 128.208.105.84(88): ISSUE: authtime 1066237544, etypes 
{rep=16 tkt=16 ses=16}, root/admin@REALM.YADDA.WASHINGTON.EDU for 
krbtgt/REALM.YADDA.WASHINGTON.EDU@REALM.YADDA.WASHINGTON.EDU

Oct 15 10:05:48 kdc1.yadda.washington.edu krb5kdc[163](info): TGS_REQ (1 
etypes {1}) 128.208.105.84(88): ISSUE: authtime 1066237544, etypes 
{rep=16 tkt=16 ses=1}, root/admin@REALM.YADDA.WASHINGTON.EDU for 
afs/YADDA@REALM.YADDA.WASHINGTON.EDU


And I can see traffic going from the machine Im running "aklog" on
to the Kerb server and back on port 4444 - which is the "kerb524d"
so presumably, the ticket is being "translated" to the v4 syntax.

What else can I look at to try to debug this problem?

thanks,

Matt

-- 
Matt Weatherford
Unix Administration
Center for Studies in Demography and Ecology
218H Raitt Hall, Box 353412
University of Washington
Seattle, WA, USA, 98195         206-685-5346
http://www.yadda.washington.edu