[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OpenAFS trouble

* David Z Maze <dmaze@debian.org> [2003-May-20 08:47 AKDT]:
> Christopher Swingley <cswingle@iarc.uaf.edu> writes:
> 
> >     cswingle@enemy:~$ pts exa cswingle
> >         pts: security object was passed a bad ticket so couldn't look 
> >         up names
> 
> Eeeenteresting.  Do you have Kerberos tickets?  What does 'klist' say?
> Does /etc/openafs/CellServDB match on both machines?  /etc/krb5.conf,
> /etc/krb.conf, /etc/krb.realms?  (Which Kerberos are you using?)  If
> it's a Kerberos issue, you should probably be running a KDC and a
> krb524d, possibly on friend but possibly on some other machine, with
> both friend and enemy pointing at the Kerberos server.  How are you
> getting tokens?

AHA!  I had forgotten that enemy had been set up in the past as a KDC 
and it still had it's /etc/krb5.conf pointing to itself.  It seems a bit 
strange that I was able to get an AFS token, but since the token didn't 
work (as it shouldn't have) I guess everything is kosher.

Thanks a lot for pointing me to my bone-headed mistake.  I knew it 
shouldn't have been this hard!

Thanks again David!!

Chris
-- 
Christopher S. Swingley          email: cswingle@iarc.uaf.edu
IARC -- Frontier Program         Please use encryption.  GPG key at:
University of Alaska Fairbanks   www.frontier.iarc.uaf.edu/~cswingle/
Reply to: