[OpenAFS] Using OpenAFS with existing Kerberos servers
David Howells
dhowells@redhat.com
Mon, 01 Sep 2003 17:06:29 +0100
> Nor am I, actually. Assuming you're using a modern enough Kerberos and the
> right options (which I believe are default for MIT and need to be
> specified for Heimdal) krb524 returns not a krb4 ticket but a stripped
> krb5 ticket for AFS; In either case, it gets crammed into the kernel and
> the right thing should just happen.
OIC.
> What is the output of "tokens" after you run aklog? For that matter, what
> does aklog -d (any other args you gave)
> say?
dhowells>aklog -d cambridge.redhat.com -k CAMBRIDGE.REDHAT.COM
Authenticating to cell cambridge.redhat.com (server openafs.cambridge.redhat.com).
We were told to authenticate to realm CAMBRIDGE.REDHAT.COM.
Getting tickets: afs/cambridge.redhat.com@CAMBRIDGE.REDHAT.COM
About to resolve name dhowells to id in cell cambridge.redhat.com.
Id 4043
Set username to AFS ID 4043
Setting tokens. AFS ID 4043 / @ CAMBRIDGE.REDHAT.COM
dhowells>tokens
Tokens held by the Cache Manager:
User's (AFS ID 4043) tokens for afs@cambridge.redhat.com [Expires Sep 2 01:23]
--End of list--
David