[OpenAFS] Re: [OpenAFS] Re: [OpenAFS] U
ser got token, but aklog doesnZ(t show
it?
Lars Schimmer
l.schimmer@cgv.tugraz.at
Tue, 26 Jun 2007 11:39:33 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Lars Schimmer wrote:
> jaltman@secure-endpoints.com wrote:
>> Lars Schimmer wrote:
>>> Hi!
>>>
>>> I setup grml 1.0 to a desktop system.
>>> It uses a 2.6.20 kernel and OpenAFS 1.4.4.dfsg1-3.
>>> Kernel Module is 1.4.4.dfsg1-2.
>>>
>>> I set the system up and while kinit/aklog or logging in I obtain a
>>> ticket and a token.
>>> Klist shows the ticket and tokens shows NOTHING.
>>> But I can access the AFS filespace as if I got a valid token for the =
user.
>>>
>>> aklog tells me this error:
>>> aklog
>>> aklog: Badly formed name (group prefix doesn't match owner?) so unabl=
e
>>> to create remote PTS user admin@cgv.tugraz.at in cell cgv.tugraz.at
>>> (status: 267272).
>> If aklog is attempting to perform a remote PTS user registration, then
>> the client does not think the local cell is "cgv.tugraz.at".
>
> The "ThisCell" file is set and it is the correct cellname.
>
> Here the shell output as root:
>
> kinit admin
> Password for admin@CGV.TUGRAZ.AT:
> root@rtype /etc/openafs # aklog -d
> Authenticating to cell cgv.tugraz.at (server phobos.cgv.tugraz.at).
> We've deduced that we need to authenticate using referrals.
> Getting tickets: afs/cgv.tugraz.at@
> Using Kerberos V5 ticket natively
> About to resolve name admin@CGV.TUGRAZ.AT to id in cell cgv.tugraz.at.
> Id 32766
> doing first-time registration of admin@cgv.tugraz.at at cgv.tugraz.at
> aklog: Badly formed name (group prefix doesn't match owner?) so unable =
to
> create remote PTS user admin@cgv.tugraz.at in cell cgv.tugraz.at (statu=
s:
> 267272).
> Set username to admin@cgv.tugraz.at
> Setting tokens. admin@cgv.tugraz.at / @ CGV.TUGRAZ.AT
> root@rtype /etc/openafs # tokens
>
> Tokens held by the Cache Manager:
>
> Tokens for afs@cgv.tugraz.at [Expires Jun 26 20:20]
> --End of list--
> root@rtype /etc/openafs #
>
> But I obtained a token and can browse AFS filespace.
testes some more.
I get always the ID 32766, doesn´t care which user I try to aklog...
But just on this system....
>> Jeffrey Altman
>> Secure Endpoints Inc.
MfG,
Lars Schimmer
- --
- -------------------------------------------------------------
TU Graz, Institut für ComputerGraphik & WissensVisualisierung
Tel: +43 316 873-5405 E-Mail: l.schimmer@cgv.tugraz.at
Fax: +43 316 873-5402 PGP-Key-ID: 0x4A9B1723
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGgN7VmWhuE0qbFyMRAis2AJ0bd46VTVcun6It2qSzMpswmLTJJQCggJOH
thE/I2451hjnXTOTcqVZIho=
=Zdrj
-----END PGP SIGNATURE-----