Jeff Blaine <jbla...@kickflop.net> writes: > We're still using kaserver for now, but I noticed the other day that I > did not know the password for our krb5 'admin' principal, so > eventually this needs to be fixed.
Or you can create a different privileged user in AFS. Either works. AFS just cares about whether the principal listed in system:administrators and in UserList, so you can create a new admin account (or one for each admin, which is what we do). > The current entry is as such, questions following: > > Principal: ad...@rcf.foo.com > Expiration date: Wed Dec 30 19:00:00 EST 2037 > Last password change: [never] > Password expiration date: [none] > Maximum ticket life: 1 days 00:00:00 > Maximum renewable life: 1 days 00:00:00 > Last modified: Mon Feb 18 16:12:05 EST 2008 (ad...@rcf.foo.com) > Last successful authentication: [never] > Last failed authentication: [never] > Failed password attempts: 0 > Number of keys: 1 > Key: vno 21, DES cbc mode with CRC-32, AFS version 3 > Attributes: > Policy: [none] > > 1. Once kaserver is turned off, does this enctype need > to stay this way, or is this a remnant of me flailing > while setting this up back then? Nope, it can have any enctype you want. Only the afs key matters. -- Russ Allbery (r...@stanford.edu) <http://www.eyrie.org/~eagle/> _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info