[OpenAFS] Re: OpenAFS aklog returns token only for afs@cellname
Sun, 12 Feb 2006 01:56:25 -0800
Christopher D. Clausen wrote:
> ted creedon <firstname.lastname@example.org> wrote:
>> A remote box gets a krb5 ticket for admin@CELLNAME but aklog returns
>> without the user's (afs id 1) identification for the token.
>> The Kerberos server and afs server are on the same central box.
> What does aklog -d return?
> yno:~ # aklog -d
> Authenticating to cell home.ted-doris.fam (server
> We've deduced that we need to authenticate to realm HOME.TED-DORIS.FAM.
> Getting tickets: afs/home.ted-doris.fam@HOME.TED-DORIS.FAM
> Using Kerberos V5 ticket natively
> About to resolve name admin to id in cell home.ted-doris.fam.
> Error -1
> Set username to admin
> Setting tokens. admin / @ HOME.TED-DORIS.FAM
> Tokens held by the Cache Manager:
> Tokens for email@example.com [Expires Feb 12 13:04]
> --End of list--
> It should be noted that the server is behind a firewall and NetInfo
> was set up to deal with this. vos listaddrs looks OK.