[OpenAFS] Re: [OpenAFS] Re: [OpenAFS] U ser got token, but aklog doesnZ(t show it?

Lars Schimmer l.schimmer@cgv.tugraz.at
Tue, 26 Jun 2007 11:39:33 +0200

Hash: SHA1

Lars Schimmer wrote:
> jaltman@secure-endpoints.com wrote: 
>> Lars Schimmer wrote:
>>> Hi!
>>> I setup grml 1.0 to a desktop system.
>>> It uses a 2.6.20 kernel and OpenAFS 1.4.4.dfsg1-3.
>>> Kernel Module is 1.4.4.dfsg1-2.
>>> I set the system up and while kinit/aklog or logging in I obtain a
>>> ticket and a token.
>>> Klist shows the ticket and tokens shows NOTHING.
>>> But I can access the AFS filespace as if I got a valid token for the =
>>> aklog tells me this error:
>>> aklog
>>> aklog: Badly formed name (group prefix doesn't match owner?) so unabl=
>>> to create remote PTS user admin@cgv.tugraz.at in cell cgv.tugraz.at
>>> (status: 267272).
>> If aklog is attempting to perform a remote PTS user registration, then
>> the client does not think the local cell is "cgv.tugraz.at".
> The "ThisCell" file is set and it is the correct cellname.
> Here the shell output as root:
> kinit admin
> Password for admin@CGV.TUGRAZ.AT:
> root@rtype /etc/openafs # aklog -d
> Authenticating to cell cgv.tugraz.at (server phobos.cgv.tugraz.at).
> We've deduced that we need to authenticate using referrals.
> Getting tickets: afs/cgv.tugraz.at@
> Using Kerberos V5 ticket natively
> About to resolve name admin@CGV.TUGRAZ.AT to id in cell cgv.tugraz.at.
> Id 32766
> doing first-time registration of admin@cgv.tugraz.at at cgv.tugraz.at
> aklog: Badly formed name (group prefix doesn't match owner?) so unable =
> create remote PTS user admin@cgv.tugraz.at in cell cgv.tugraz.at (statu=
> 267272).
> Set username to admin@cgv.tugraz.at
> Setting tokens. admin@cgv.tugraz.at /  @ CGV.TUGRAZ.AT
> root@rtype /etc/openafs # tokens
> Tokens held by the Cache Manager:
> Tokens for afs@cgv.tugraz.at [Expires Jun 26 20:20]
>    --End of list--
> root@rtype /etc/openafs #                    
> But I obtained a token and can browse AFS filespace.

testes some more.
I get always the ID 32766, doesn´t care which user I try to aklog...
But just on this system....

>> Jeffrey Altman
>> Secure Endpoints Inc.

Lars Schimmer
- --
- -------------------------------------------------------------
TU Graz, Institut für ComputerGraphik & WissensVisualisierung
Tel: +43 316 873-5405       E-Mail: l.schimmer@cgv.tugraz.at
Fax: +43 316 873-5402       PGP-Key-ID: 0x4A9B1723
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org