Re: OpenAFS trouble
* David Z Maze <dmaze@debian.org> [2003-May-20 08:47 AKDT]:
> Christopher Swingley <cswingle@iarc.uaf.edu> writes:
>
> > cswingle@enemy:~$ pts exa cswingle
> > pts: security object was passed a bad ticket so couldn't look
> > up names
>
> Eeeenteresting. Do you have Kerberos tickets? What does 'klist' say?
> Does /etc/openafs/CellServDB match on both machines? /etc/krb5.conf,
> /etc/krb.conf, /etc/krb.realms? (Which Kerberos are you using?) If
> it's a Kerberos issue, you should probably be running a KDC and a
> krb524d, possibly on friend but possibly on some other machine, with
> both friend and enemy pointing at the Kerberos server. How are you
> getting tokens?
AHA! I had forgotten that enemy had been set up in the past as a KDC
and it still had it's /etc/krb5.conf pointing to itself. It seems a bit
strange that I was able to get an AFS token, but since the token didn't
work (as it shouldn't have) I guess everything is kosher.
Thanks a lot for pointing me to my bone-headed mistake. I knew it
shouldn't have been this hard!
Thanks again David!!
Chris
--
Christopher S. Swingley email: cswingle@iarc.uaf.edu
IARC -- Frontier Program Please use encryption. GPG key at:
University of Alaska Fairbanks www.frontier.iarc.uaf.edu/~cswingle/
Reply to: