[OpenAFS] New Keyfile and strange behaviour

Aldo Necci necci@dia.uniroma3.it
Thu, 10 May 2012 13:03:53 +0200

Hi all,

I've added the "afs/cellname" principal and created a keytab file
(kadmin:  ktadd -k /tmp/afs.keytab -e des-cbc-crc:v4 afs/<cellname>).

Then I used "asetkey" as described in its man page:
% asetkey add <KVNO> /tmp/afs.keytab afs/<cellname>

I did the asetkey command on all 3 servers with the same afs.keytab file
and then restart tha afs-server processes.

Now the behaviour I got on the clients after login is:

- "klist" gives only the krbtgt ticket
- "tokens" gives this output:

Tokens held by the Cache Manager:

Tokens for afs@dia.uniroma3.it [Expires May 10 22:50]
   --End of list--

- "aklod" works fine and after this command I have a new kerberos ticket
(afs/dia.uniroma3.it@DIA.UNIROMA3.IT)  and the right token:
$ tokens

Tokens held by the Cache Manager:

User's (AFS ID 10001) tokens for afs@dia.uniroma3.it [Expires May 10 22:5=
   --End of list--

Why I haven't the right AFS token after the login? And what is the
first AFS token I have after the login?

Thanks in advance.

This email was sent using SquirrelMail.
Web Site: http://www.squirrelmail.org