[OpenAFS] Authentication issues
Rick Cochran
rcc2@cornell.edu
Wed, 19 May 2010 17:02:41 -0400
Trying to play by the book, but having no joy.
Windows XP 32-bit
Starting from scratch, I install:
kfw-i386-3-2-2.msi
netidmgr-i386-rel-2_0_0_304.msi
openafs-en_US-1-5-7400.msi
and put the following in C:\Windows\krb5.ini
--------------------------
[libdefaults]
default_realm = CIT.CORNELL.EDU
default_tgs_enctypes = des-cbc-crc
default_tkt_enctypes = des-cbc-crc
forwardable = true
proxiable = true
noaddresses = true
[realms]
CIT.CORNELL.EDU = {
kdc = kerberos.cit.cornell.edu:88
kdc = kerberos2.cit.cornell.edu:88
admin_server = kerberos.cit.cornell.edu
default_domain = cit.cornell.edu
}
[domain_realm]
.cit.cornell.edu = CIT.CORNELL.EDU
cit.cornell.edu = CIT.CORNELL.EDU
.mail.cornell.edu = CIT.CORNELL.EDU
mail.cornell.edu = CIT.CORNELL.EDU
--------------------------
I can get K5 tickets using NIM, but not AFS tokens.
I can get AFS tokens using "aklog".
I cannot reconcile these two results.
-Rick