[OpenAFS] Re: OpenAFS + Kerb5

Jeff Blaine jblaine@mitre.org
Wed, 15 Feb 2006 12:03:27 -0500


 >>It's not looking to be a pleasant experience from what
 >>I can see so far with the first thing tried:
 >>
 >>   # klog.krb -setpag jblaine
 >>   Unable to authenticate because AFS user doesn't exist.
 >>   # klog.krb -setpag jblaine@JBTEST
 >>   Unable to authenticate because AFS user doesn't exist.
 >>
> You should _not_ use those utilities.  They talk to the kaserver (as
> you have discovered), but their only difference is that they keep
> around a Kerberos V4 cache afterwards.
> 
> You need to use a V5 kinit and aklog.  Then you can shut down the kaserver.

Okay, FWIW, I did pay attention to you telling me to use
aklog in your previous message.  Having not found one
in OpenAFS 1.4.0 nor Kerberos5 1.4.3, I made the jump
to 'klog.krb' in an effort to not be a spammy pest.
Obviously that was a wrong jump.

# find src/krb5-1.4.3 /export/home/krb5 /usr/afsws -name \*aklog\*
#

So, I have failed somewhere that I don't understand, as
I recall you saying aklog was part of OpenAFS 1.4.0 and
asetkey would be in 1.4.1.