[OpenAFS-port-darwin] Krb5 ticket -> AFS token upon login ...

Ragnar Sundblad ragge@nada.kth.se
Tue, 24 Jun 2003 05:32:52 +0200


--On den 11 juni 2003 15:09 -0400 Steve Lidie <sol0@Lehigh.EDU> wrote:

> I've been using both aklog and afslog without luck.  Previously, I was
> authenticating to an AFS kaserver.  Today I brought up MIT's krb5
> authentication server - separate from the AFS server - and added myself
> as a principal, assuming that I would now simply get an AFS token w/o
> problem.  But after modifying /Library/Preferences/edu.mit.kerberos to
> point to my kdc, both Kerberos plugins still do not give me a token.
> Does the following debug output suggest what my problem might be?

Have you also added the afs server principal to the new
kerberos server? If not, you can't get a ticket for that
service. Note that you must add it with the correct key,
not just any key.

To get a better feeling for kerberos I'd recommend setting
up some ordinary services, like telnet for a host or two.
Starting of with only getting the entire AFS chain of
things working can be problematic, as much of this code
behaves badly with no or stupid error messages when things
aren't setup perfectly.

/ragge