[OpenAFS] Re: IPA + OpenAFS
Thu, 12 Jul 2012 14:25:52 -0500
On Thu, 12 Jul 2012 11:16:55 -0400
Qing Chang <email@example.com> wrote:
> which says that I have to create a keyfile with des-cbc-crc:v4 salt,
> after some struggle with IPA I finally created the keyfile with
> des-cbc-crc:v4. It did not help, I still get the same error.
Did you just extract a keytab, or did you also add the key to the
KeyFile using 'asetkey'? This is described on the page 'Initializing
Cell Security' around step 7:
If you did actually create a KeyFile, you need to restart the server
processes for it to take effect. (Or 'touch' the server-side CellServDB
file.) You can run 'bos listkeys <server> -local' to show what keys the
server thinks it has (don't show this output to the list). You should
have at least one key listed if everything is set up correctly.