[OpenAFS] Adding Additional Fileserver to Cell
Russ Allbery
rra@stanford.edu
Fri, 08 Sep 2006 13:29:10 -0700
Mike Bydalek <mbydalek@contentconnections.com> writes:
> To setup the new fileserver, I copied over the keytab that I created and
> ran asetkey successfully. You're right in that there is a problem with
> the authentication, but I am able to get tokens successfully.
Obtaining a token doesn't test anything other than your Kerberos v5 setup
and maybe a PTS request or two. The token isn't actually used until you
try to access a file.
> But if I try and do something that requires authentication, it fails:
> root@mars:/var/log/openafs# bos listkeys mars.testbed.lan -cell testbed.lan
> bos: you are not authorized for this operation error encountered while
> listing keys
> But the keys are there ...
> root@mars:/var/log/openafs# bos listkeys mars.testbed.lan -cell
> testbed.lan -localauth
> key 3 has cksum 2873560082
> Keys last changed on Fri Sep 8 12:19:55 2006.
> All done.
> Am I missing something obvious?
Is the above output, including the key number and the checksum, the same
as on your other server? That would be the first thing I'd check at this
point. If either of those are different, this won't work properly.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>