[OpenAFS] New Keyfile and strange behaviour
Aldo Necci
necci@dia.uniroma3.it
Thu, 10 May 2012 13:03:53 +0200
Hi all,
I've added the "afs/cellname" principal and created a keytab file
(kadmin: ktadd -k /tmp/afs.keytab -e des-cbc-crc:v4 afs/<cellname>).
Then I used "asetkey" as described in its man page:
% asetkey add <KVNO> /tmp/afs.keytab afs/<cellname>
I did the asetkey command on all 3 servers with the same afs.keytab file
and then restart tha afs-server processes.
Now the behaviour I got on the clients after login is:
- "klist" gives only the krbtgt ticket
- "tokens" gives this output:
Tokens held by the Cache Manager:
Tokens for afs@dia.uniroma3.it [Expires May 10 22:50]
--End of list--
- "aklod" works fine and after this command I have a new kerberos ticket
(afs/dia.uniroma3.it@DIA.UNIROMA3.IT) and the right token:
$ tokens
Tokens held by the Cache Manager:
User's (AFS ID 10001) tokens for afs@dia.uniroma3.it [Expires May 10 22:5=
0]
--End of list--
Why I haven't the right AFS token after the login? And what is the
first AFS token I have after the login?
Thanks in advance.
-----------------------------------------
This email was sent using SquirrelMail.
https://webmail.dia.uniroma3.it
Web Site: http://www.squirrelmail.org