[OpenAFS] how to install Kerberos AFS Principal??
TIARA System Man
sysman@tiara.sinica.edu.tw
Tue, 7 Apr 2009 14:01:49 +0800
thank you!
i only had afs@REALM. should i create another afs/cell@REALM?
if i do following commands, will it mess up afs server?
ktadd -e des-cbc-crc:normal -k /etc/krb5.keytab.afs afs/tiara.sinica.edu.tw
asetkey add X /etc/krb5.keytab.afs afs/tiara.sinica.edu.tw
what are the benefits to have afs/cell@REALM? please tell me. thank you. :)
best, sam
On Tue, Apr 7, 2009 at 1:40 PM, Brandon S. Allbery KF8NH
<allbery@ece.cmu.edu> wrote:
> On 2009 Apr 6, at 23:12, TIARA System Man wrote:
>>
>> on the april fools' day, i installed another afs file server. it was
>> disaster i made some thing wrong. i added another kerberos afs
>
> Don't do that. =C2=A0There should be a single AFS principal across an ent=
ire cell
> (you could have two (afs@REALM and afs/cell@REALM) as long as they have
> different kvnos, but that is advanced usage) installed on all servers.
> =C2=A0Easiest is probably to simply copy the KeyFile from the first serve=
r to any
> additional servers you add.
>
> --
> brandon s. allbery [solaris,freebsd,perl,pugs,haskell] allbery@kf8nh.com
> system administrator [openafs,heimdal,too many hats] allbery@ece.cmu.edu
> electrical and computer engineering, carnegie mellon university =C2=A0 =
=C2=A0KF8NH
>
>
>
--=20
Sam Tseng
Academia Sinica
Institute of Astronomy and Astrophysics
Tel: +886-2-3365-2200 ext 742
Fax: +886-2-2367-7849