[OpenAFS] Strange behavior with Windows client.

Anders Magnusson ragge@ltu.se
Fri, 24 Apr 2009 18:33:06 +0200


Quick answer, great, thanks!

Is there a FAQ somewhere with all these types of answers collected?  I
haven't been able to find one.

-- Ragge

Jeffrey Altman wrote:
> See http://support.microsoft.com/default.aspx/kb/916204
>
> Anders Magnusson wrote:
>   
>> Environment:
>> - Laptop, Windows XP SP3 32-bit, domain member.
>> - OpenAFS client 1.5.59
>> - Heimdal Kerberos server with trust to the AD domain.
>>
>>
>> If I connect the computer to a network somewhere, and logs in with
>> cached credentials, there
>> is no way to talk to the AFS client; it just gives a strange error
>> message, see below.
>> Note that the identity manager fetches kerberos tickets without problem.
>>
>>
>> C:\Documents and Settings\anha>dir \\afs\all <file://%5C%5Cafs%5Call>
>> The system detected a possible attempt to compromise security. Please
>> ensure that you can contact the server that authenticated you.
>> C:\Documents and Settings\anha>aklog
>> aklog: Couldn't determine realm of user: -1765328189
>>
>> Logging in as a local user and get tickets and tokens works just fine,
>> it's when logging
>> in with cached credentials things don't work. If the machine is plugged
>> in to a network that can reach the domain controller
>> (while still logged in with cached credentials, no reboots) the AFS
>> client starts responding.
>>
>> The afsd_init.log don't say anything strange; and after all, the client
>> seems to work when
>> logging in as a local user.
>>
>> Any hints?
>>
>> -- Ragge
>>
>>
>> _______________________________________________
>> OpenAFS-info mailing list
>> OpenAFS-info@openafs.org
>> https://lists.openafs.org/mailman/listinfo/openafs-info
>>
>>