[OpenAFS] Ticket length error on Mac OSX 10.4.x
Larry Cashdollar
lcashdol@gmail.com
Thu, 25 May 2006 13:39:27 -0400
Hello,
I currently have a working AFS Cell that authenticates to
windows 2003 ad server. I am working on getting a MacOSX 10.4.x
client setup to use the afs cell. So far everything is working
properly, I can get a ticket and token but when I attempt to write to
my afs volume I get:
afs: Tokens for user of AFS id 21588 for cell corp.vapidlabs.com are
discarded (rxkad error=19270403)
Which maps to RXKADTICKETLEN Ticket length too long or too short.
I noticed on my working linux client that the ticket is valid for a 12
hour period, and on my failing mac client the ticket is only valid for
an 8 hour period. is this the ticket length issue that error is
referring to?
working host:
larry@Mathom:~/afs$ klist;tokens
Ticket cache: FILE:/tmp/krb5cc_21588_D9FAGc
Default principal: larry@CORP.VAPIDLABS.COM
Valid starting Expires Service principal
05/25/06 13:13:04 05/25/06 23:13:04
krbtgt/CORP.VAPIDLABS.COM@CORP.VAPIDLABS.COM
renew until 05/25/06 23:13:04
05/25/06 13:13:07 05/25/06 23:13:04 afs@CORP.VAPIDLABS.COM
renew until 05/25/06 23:13:04
Kerberos 4 ticket cache: /tmp/tkt21588
klist: You have no tickets cached
Tokens held by the Cache Manager:
User's (AFS ID 21588) tokens for afs@corp.vapidlabs.com [Expires May 25 23:13]
--End of list--
larry@Mathom:~/afs$
MacOSX Host:
dhcp-56-22:/afs/corp.vapidlabs.com/user/larry root# klist
Kerberos 5 ticket cache: 'API:Initial default ccache'
Default principal: larry@CORP.VAPIDLABS.COM
Valid Starting Expires Service Principal
05/25/06 13:12:21 05/25/06 19:52:21
krbtgt/CORP.VAPIDLABS.COM@CORP.VAPIDLABS.COM
renew until 05/25/06 23:12:21
05/25/06 13:12:22 05/25/06 19:52:21 afs@CORP.VAPIDLABS.COM
renew until 05/25/06 23:12:21
klist: No Kerberos 4 tickets in credentials cache
dhcp-56-22:/afs/corp.vapidlabs.com/user/larry root# tokens
Tokens held by the Cache Manager:
User's (AFS ID 21588) tokens for afs@corp.vapidlabs.com [Expires May 25 19:44]
--End of list--
Any help would be greatly appreciated.
-- larry