[OpenAFS] Help: aklog cannot work properly
Jeffrey Altman
jaltman@secure-endpoints.com
Wed, 01 Jun 2011 09:00:55 -0400
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig9176BDF6529575CA1CA444AE
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
On 6/1/2011 1:03 AM, Lee Eric wrote:
> Hi,
>=20
> It seems aklog cannot work well in my server.
>=20
>=20
> [root@server ~]# klist
> Ticket cache: FILE:/tmp/krb5cc_0
> Default principal: admin@HERDINGCAT.INTERNAL
>=20
> Valid starting Expires Service principal
> 06/01/11 00:55:12 06/02/11 00:55:10
> krbtgt/HERDINGCAT.INTERNAL@HERDINGCAT.INTERNAL
> renew until 06/01/11 00:55:12
> [root@server ~]# aklog -d -c herdingcat.internal
> Authenticating to cell herdingcat.internal (server server.herdingcat.in=
ternal).
> Trying to authenticate to user's realm HERDINGCAT.INTERNAL.
> Getting tickets: afs/herdingcat.internal@HERDINGCAT.INTERNAL
> Kerberos error code returned by get_cred : -1765328370
-1765328370 =3D KDC has no support for encryption type
In other words, your KDC has support for DES-CBC-CRC turned off.
Re-enable support for DES encryption types and you will get further.
Jeffrey Altman
--------------enig9176BDF6529575CA1CA444AE
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
iQEcBAEBAgAGBQJN5jgJAAoJENxm1CNJffh4QYUH/ip60RHfi2rfBXFfJy5nmIS+
12YvO/Vn6j3V6mzVyRVogSzxKIBS0YgaHhFFNJY4aMzHaNkRuOHtI91mUnjdtZKg
S2OzJLXoFsC1RTkLiKbnzkxHpBWnpANXPMSoG860VRy5p2wcu1hTv+9Fo38JL/Ro
DKYlbM17VOVdkjU5MFG4Bl5oDGQG8lS+NFC2HomwJcB+nWfnXsjP3FLfkp8Ivolj
IL1yVt6U2hCzLnGayiuZqje74PMn/aNzE0XLNIx8xsHEmV+3zFn28REvdVypLMOX
/qn97u55BjPfy2kKMc5I4lfEQwjlLzsbC9/3fIC9x0ywjE48JSFf3pddPKkM+xg=
=XUFX
-----END PGP SIGNATURE-----
--------------enig9176BDF6529575CA1CA444AE--