[OpenAFS] Integrated Windows Logon
Hugo Monteiro
hugo.monteiro@fct.unl.pt
Fri, 06 May 2011 19:00:25 +0100
On 05/06/2011 06:51 PM, Jeffrey Altman wrote:
> On 5/6/2011 1:46 PM, Hugo Monteiro wrote:
>
>> I have just tried with 1.6.0pre5 and it's still not working. :(
>>
>> Tokens for the first (default) cell arrive but it's failing again for
>> the second cell defined at TheseCells.
>>
>> Error now is
>>
>> KFW_AFS_get_cred uname=[user@FCT.UNL.PT] smbname=[staff\user]
>> cell=[staff.fct.unl.pt] code=[-1765328377]
>>
>> Is it me that am overlooking anything?
> The error is KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN. In other words, the KDC
> has reported that the service principal for afs/staff.fct.unl.pt@<REALM>
> is not a recognized principal.
>
> Jeffrey Altman
>
Hi Jeffrey,
The problem is that afs/staff.fct.unl.pt@FCT.UNL.PT is in fact a
recognized principal.
similarly, in a linux machine, in which i'm using the TheseCells parameter:
user@DIVINF-PC15:~$ kinit user
user@FCT.UNL.PT's Password:
user@DIVINF-PC15:~$ afslog
user@DIVINF-PC15:~$ klist
Credentials cache: FILE:/tmp/krb5cc_1000
Principal: user@FCT.UNL.PT
Issued Expires Principal
May 6 18:56:26 May 7 04:56:25 krbtgt/FCT.UNL.PT@FCT.UNL.PT
May 6 18:56:26 May 7 04:56:25 afs/fct.unl.pt@FCT.UNL.PT
May 6 18:56:26 May 7 04:56:25 afs/staff.fct.unl.pt@FCT.UNL.PT
user@DIVINF-PC15:~$ tokens
Tokens held by the Cache Manager:
User's (AFS ID 1000) tokens for afs@staff.fct.unl.pt [Expires May 7 04:59]
User's (AFS ID 1000) tokens for afs@fct.unl.pt [Expires May 7 04:59]
--End of list--
... and thanks for the swift reply.
Regards,
Hugo Monteiro.
--
fct.unl.pt:~# cat .signature
Hugo Monteiro
Email : hugo.monteiro@fct.unl.pt
Telefone : +351 212948300 Ext.15307
Web : http://hmonteiro.net
Divisão de Informática
Faculdade de Ciências e Tecnologia da
Universidade Nova de Lisboa
Quinta da Torre 2829-516 Caparica Portugal
Telefone: +351 212948596 Fax: +351 212948548
www.fct.unl.pt apoio@fct.unl.pt
fct.unl.pt:~# _