[OpenAFS] afs migration to Kerberos 5 Help
Steve Devine
sdevine@msu.edu
Thu, 17 Jun 2004 22:19:42 -0400 (EDT)
All,
I am trying to set up a test afs cell and migrate it to Kerb 5.
The cell works as expected and the kdc works fine as well. I can kinit and
klist tickets etc. I converted a afs principal to the kdc and now I can kinit
using the original afs password .. so far so good.
When I run aklog -d this is what I get
###################
Authenticating to cell kerb5.cl.msu.edu (server open-afsdb2.cl.msu.edu).
We've deduced that we need to authenticate to realm KERB5.CL.MSU.EDU.
Getting tickets: afs/kerb5.cl.msu.edu@KERB5.CL.MSU.EDU
About to resolve name XXXX-email-protested-XXX to id in cell kerb5.cl.msu.edu.
Id 4
Set username to AFS ID 4
Setting tokens. AFS ID 4 / @ KERB5.CL.MSU.EDU
aklog: unable to obtain tokens for cell kerb5.cl.msu.edu (status: 11862791).
################################
Heres a question. In the README for afs-krb5 it says
1) Create an AFS principal in the Kerberos database. Call it:
afs@YOUR.CELL.NAME
Yet in the debug for aklog -d it seems to be calling for
afs/kerb5.cl.msu.edu@KERB5.CL.MSU.EDU
So which one do I need ?
Any help would be appreciatted I have Goggled and Read as much as I can and it
still seems unclear.
Also fakeka give this error:
No matching key in entry while decrypting the master key
Thanks very much in advance.
Steve Devine
Michigan State University