[OpenAFS] Problems with windows Vista and OpenAFS

Claudio Prono claudio.prono@atpss.net
Thu, 04 Jun 2009 15:47:47 +0200


This is a multi-part message in MIME format.
--------------010306080108080001020904
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

Ok, it's clear why i can't see kerberos credentials in command prompt.
And why i can't access to the afs ? If i try \\afs , it's empty and i
can see only printers. What can be wrong? How i can debug this?

Cordially,

Claudio.

Jeffrey Altman ha scritto:
> If your command prompt is being run as "administrator"
> it will not be able to see the Kerberos credential caches
> that are maintained by NetIdMgr.  This is because the
> "administrator" processes are actually in a different
> session.
>
> If you are using multiple identities in NetIdMgr, the
> kerberos command line tools will only be able to access
> the "default" identity.  If the command prompt is not
> running as "administrator" try setting the default
> identity again.
>
> Jeffrey Altman
>
>
> Claudio Prono wrote:
>   
>> Hello all,
>>
>> I use Windows Vista SP1 with OpenAFS 1.5.60 and Mit Kerberos 3.2.2. I
>> have some strange problems with that. If i try to authenticate with the
>> Network identity manager, i can login, but if i do from the prompt a
>> klist, i recieve that error:
>>
>> klist: No credentials cache found (ticket cache API:username1@domain.com)
>>
>> I have two identity configured into the network identity manager, if i
>> want to delete one, i click on it, hit the canc key, then i go to apply
>> than ok and if i reopen the network identity manager, no changes to
>> identity is done (a bug?). If i do a kinit from the prompt, no problem
>> at all, i can list all the tickets and all seems to work fine. But, if i
>> try to access to the AFS, i recieve an error of Permission Denied.
>>
>> The server is an OpenSuse 11.0, with that packages installed:
>>
>> openafs-1.4.8-3.1
>> openafs-authlibs-1.4.8-3.1
>> openafs-kmp-pae-1.4.8_2.6.25.5_1.1-3.1
>> pam-afs-session-1.5-6.11
>> openafs-server-1.4.8-3.1
>> openafs-client-1.4.8-3.1
>> openafs-krb5-mit-1.4.8-3.1
>>
>> If i connect directly from the server, no problem.
>>
>> What i can do to debug that stuff?
>>
>> Thank you,
>>
>> Claudio Prono.
>>
>>     
>
>
> !DSPAM:70,4a27ce87322202313377260!
>
>
>
>
>   

-- 
------------
Claudio Prono
Systems Development @ PSS Srl, Divisione Implementazione Sistemi
Via San Bernardino, 17 - 10137 Torino (TO) - IT
Tel +39-011.32.72.100  Fax +39-011.32.46.497
PGP Fingerprint: 75C2 4049 E23D 2FBF A65F  40DB EA5C 11AC C2B0 3647
Disclaimer: http://atpss.net/disclaimer
------------ 


--------------010306080108080001020904
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 7bit

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
  <meta content="text/html;charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Ok, it's clear why i can't see kerberos credentials in command prompt.
And why i can't access to the afs ? If i try \\afs , it's empty and i
can see only printers. What can be wrong? How i can debug this?<br>
<br>
Cordially,<br>
<br>
Claudio.<br>
<br>
Jeffrey Altman ha scritto:
<blockquote cite="mid:4A27CE80.2070507@secure-endpoints.com" type="cite">
  <pre wrap="">If your command prompt is being run as "administrator"
it will not be able to see the Kerberos credential caches
that are maintained by NetIdMgr.  This is because the
"administrator" processes are actually in a different
session.

If you are using multiple identities in NetIdMgr, the
kerberos command line tools will only be able to access
the "default" identity.  If the command prompt is not
running as "administrator" try setting the default
identity again.

Jeffrey Altman


Claudio Prono wrote:
  </pre>
  <blockquote type="cite">
    <pre wrap="">Hello all,

I use Windows Vista SP1 with OpenAFS 1.5.60 and Mit Kerberos 3.2.2. I
have some strange problems with that. If i try to authenticate with the
Network identity manager, i can login, but if i do from the prompt a
klist, i recieve that error:

klist: No credentials cache found (ticket cache <a class="moz-txt-link-abbreviated" href="mailto:API:username1@domain.com">API:username1@domain.com</a>)

I have two identity configured into the network identity manager, if i
want to delete one, i click on it, hit the canc key, then i go to apply
than ok and if i reopen the network identity manager, no changes to
identity is done (a bug?). If i do a kinit from the prompt, no problem
at all, i can list all the tickets and all seems to work fine. But, if i
try to access to the AFS, i recieve an error of Permission Denied.

The server is an OpenSuse 11.0, with that packages installed:

openafs-1.4.8-3.1
openafs-authlibs-1.4.8-3.1
openafs-kmp-pae-1.4.8_2.6.25.5_1.1-3.1
pam-afs-session-1.5-6.11
openafs-server-1.4.8-3.1
openafs-client-1.4.8-3.1
openafs-krb5-mit-1.4.8-3.1

If i connect directly from the server, no problem.

What i can do to debug that stuff?

Thank you,

Claudio Prono.

    </pre>
  </blockquote>
  <pre wrap=""><!---->

!DSPAM:70,4a27ce87322202313377260!




  </pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">-- 
------------
Claudio Prono
Systems Development @ PSS Srl, Divisione Implementazione Sistemi
Via San Bernardino, 17 - 10137 Torino (TO) - IT
Tel +39-011.32.72.100  Fax +39-011.32.46.497
PGP Fingerprint: 75C2 4049 E23D 2FBF A65F  40DB EA5C 11AC C2B0 3647
Disclaimer: <a class="moz-txt-link-freetext" href="http://atpss.net/disclaimer">http://atpss.net/disclaimer</a>
------------ </pre>
</body>
</html>

--------------010306080108080001020904--