[OpenAFS] Re: [OpenAFS] User got token, but aklog doesn´t show it?
Tue, 26 Jun 2007 08:19:55 -0000
> Lars Schimmer wrote:
> > Hi!
> > I setup grml 1.0 to a desktop system.
> > It uses a 2.6.20 kernel and OpenAFS 1.4.4.dfsg1-3.
> > Kernel Module is 1.4.4.dfsg1-2.
> > I set the system up and while kinit/aklog or logging in I obtain a
> > ticket and a token.
> > Klist shows the ticket and tokens shows NOTHING.
> > But I can access the AFS filespace as if I got a valid token for the user.
> > aklog tells me this error:
> > aklog
> > aklog: Badly formed name (group prefix doesn't match owner?) so unable
> > to create remote PTS user firstname.lastname@example.org in cell cgv.tugraz.at
> > (status: 267272).
> If aklog is attempting to perform a remote PTS user registration, then
> the client does not think the local cell is "cgv.tugraz.at".
The "ThisCell" file is set and it is the correct cellname.
Here the shell output as root:
Password for admin@CGV.TUGRAZ.AT:
root@rtype /etc/openafs # aklog -d
Authenticating to cell cgv.tugraz.at (server phobos.cgv.tugraz.at).
We've deduced that we need to authenticate using referrals.
Getting tickets: afs/cgv.tugraz.at@
Using Kerberos V5 ticket natively
About to resolve name admin@CGV.TUGRAZ.AT to id in cell cgv.tugraz.at.
doing first-time registration of email@example.com at cgv.tugraz.at
aklog: Badly formed name (group prefix doesn't match owner?) so unable to
create remote PTS user firstname.lastname@example.org in cell cgv.tugraz.at (status:
Set username to email@example.com
Setting tokens. firstname.lastname@example.org / @ CGV.TUGRAZ.AT
root@rtype /etc/openafs # tokens
Tokens held by the Cache Manager:
Tokens for email@example.com [Expires Jun 26 20:20]
--End of list--
root@rtype /etc/openafs #
But I obtained a token and can browse AFS filespace.
> Jeffrey Altman
> Secure Endpoints Inc.