[OpenAFS] Re: Fresh install with AES key only. Can't authenticate.
Fri, 08 Aug 2014 22:58:55 +0200
Thanks a lot, this solved the problem.
2014.08.08. 21:47 keltez=E9ssel, Andrew Deason =EDrta:
> On Fri, 08 Aug 2014 21:21:15 +0200
> GALAMBOS Daniel <firstname.lastname@example.org> wrote:
>> root@afstest:~# ktutil -k /etc/openafs/server/rxkad.keytab list
>> Vno Type Principal Aliases
>> 1 aes256-cts-hmac-sha1-96 afs/afstest.elte.hu@ELTE.HU
> At first glance, this is maybe because your cell name (afstest.elte.hu)
> does not match your realm name (elte.hu). So various tools are
> recognizing you as the foreign user 'email@example.com', not the local use=
> 'dancsa'. You don't get an error for that because it's not necessarily
> _wrong_; those are just two different users. aklog should detect this,
> but maybe some logic in there is not behaving correctly.
> Try putting the realm name ELTE.HU in this file:
> <http://docs.openafs.org/Reference/5/krb.conf.html>, which will force
> @ELTE.HU principal names to be recognized as 'local' users. On Debian
> it's in /etc/openafs or /etc/openafs/server somewhere (check the
> manpage). Restart the server processes after you do that, and if
> everything works after that, that's what it was.