[OpenAFS] KerberosV + AFS
Frank Burkhardt
fbo2@gmx.net
Sat, 4 Dec 2004 10:28:25 +0100
Hi,
On Thu, Nov 25, 2004 at 04:14:34PM -0300, Maurizio Santini wrote:
> I've the following problem with MIT kerberosV 1.3.5 and openafs 1.2.11
> on redhat 7.3.
>
> ------------------LOG MESSAGE----------------
> login[6311]: pam_krb5afs: authentication succeeds for `testuser'
> login[6311]: pam_krb5afs: v4 ticket conversion succeeded for `testuser'
> login(pam_unix)[6311]: session opened for user testuser by (uid=0)
> testuser[6311]: LOGIN ON tty1 BY testuser
> kernel: afs: Tokens for user of AFS id 0 for cell test.pictage.com.ar
> are discarded (rxkad error=19270408)
> -------------------------------------
[snip]
Use this command on the AFS fileserver(s):
bos listkeys localhost -localauth
to get the afs server's key version number and compare it to
the one of the afs service key in you Kerberos DB:
kadmin.local -q 'getprinc afs/test.pictage.com.ar'
They must match.
Regards,
Frank