Hi Harald,
It appears the error is because I used the wrong kvno number. I should
have specified kvno 3 i.e.
usr/afs/bin/asetkey add 3 /etc/krb5.keytab.afs afs/krb5afs.geotate.local
many thanks
Mike
-----Original Message-----
From: Mike Legg
Sent: 07 June 2011 11:50
To: h...@kth.se
Cc: openafs-info@openafs.org
Subject: RE: [OpenAFS] FW: Evaluating OpenAFS
Hi Harald,
I have the following Kerberos packages installed
[root@openafs01 etc]# rpm -qa | grep krb5
krb5-server-1.6.1-55.el5_6.1
pam_krb5-2.2.14-18.el5
krb5-devel-1.6.1-55.el5_6.1
krb5-libs-1.6.1-55.el5_6.1
krb5-workstation-1.6.1-55.el5_6.1
krb5-auth-dialog-0.7-1
and the /etc/krb5.conf has
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = VMKRB5
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
allow_weak_crypto = true
[realms]
VMKRB5 = {
kdc = openafs01.geotate.local:88
admin_server = openafs01.geotate.local:749
}
[domain_realm]
.geotate.local = VMKRB5
geotate.local = VMKRB5
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
Mike
-----Original Message-----
From: Harald Barth [mailto:h...@kth.se]
Sent: 07 June 2011 11:37
To: Mike Legg
Cc: openafs-info@openafs.org
Subject: Re: [OpenAFS] FW: Evaluating OpenAFS
> [root@openafs01 etc]# /usr/afs/bin/asetkey add 2 /etc/krb5.keytab.afs
> afs/krb5afs.geotate.local
>
> /usr/afs/bin/asetkey: unknown RPC error (-1765328154) while extracting
> AFS service key
What versions are your kerberos library and your KDC at?
Do you have the
[libdefaults]
allow_weak_crypto = true
option at the right places?
Harald.
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
