[OpenAFS] Re: IPA + OpenAFS

[Andrew Deason]

On Thu, 12 Jul 2012 11:16:55 -0400
Qing Chang <qchang@sri.utoronto.ca> wrote:

> which says that I have to create a keyfile with des-cbc-crc:v4 salt,
> after some struggle with IPA I finally created the keyfile with
> des-cbc-crc:v4.  It did not help, I still get the same error.

Did you just extract a keytab, or did you also add the key to the
KeyFile using 'asetkey'? This is described on the page 'Initializing
Cell Security' around step 7:
<http://docs.openafs.org/QuickStartUnix/ch02s14.html>.

If you did actually create a KeyFile, you need to restart the server
processes for it to take effect. (Or 'touch' the server-side CellServDB
file.) You can run 'bos listkeys <server> -local' to show what keys the
server thinks it has (don't show this output to the list). You should
have at least one key listed if everything is set up correctly.

-- 
Andrew Deason
adeason@sinenomine.net