krb problems (fwd)

Camelia Botez camelia at wicc.weizmann.ac.il
Wed Mar 22 07:44:37 CET 2000 

Maybe someone can help me to finsh with the arla and krb installations and
to be able to use them both in three cells (cern.ch , desy.de and rhic).


Thank you


Camelia Botez

System Administrator
Weizmann Institute of Science - Physics Faculty
E-mail
camelia.botez at weizmann.ac.il
Phone 972-8-9343288
Fax   972-8-9344106 or 972-8-9344102


---------- Forwarded message ----------
Date: Wed, 22 Mar 2000 08:32:18 +0200 (IST)
From: Camelia Botez <camelia at wicc.weizmann.ac.il>
Reply-To: camelia.botez at weizmann.ac.il
To: Dr A V Le Blanc <LeBlanc at mcc.ac.uk>
Cc: camelia.botez at weizmann.ac.il
Subject: Re: krb problems

Good morning 


Sorry for the delay.
I created in my computer an user account called guest with passwd
Camelia-pc , but I'm not sure that you'll be able to access my computer
because of the firewall ( usualy from outside users are logingin with
PasswdCode from a Secure-ID card).
Anyway you cane try.
Now I'll send you the results of the checking of the clock 

first with Israel time 

[root at camelia-pc ~]# /usr/local/bin/ntptrace camelia-pc
camelia-pc.weizmann.ac.il: stratum 16, offset 0.000004, synch distance 0.00363
0.0.0.0:        *Not Synchronized*


[root at camelia-pc ~]# /usr/local/bin/ntpdc -p camelia-pc
     remote           local      st poll reach  delay   offset    disp
=======================================================================
=ymer.netcetera. 132.77.8.144     2   64   17 0.47865 55.959630 0.93843
=bernina-rz-fddi 132.77.8.144     2   64   17 0.11734 56.068076 0.93817
=whale.waikato.a 132.77.8.144     3   64   17 0.64220 55.942113 0.93929
=coyote.gw.uiuc. 132.77.8.144     2   64   17 0.58482 56.069833 0.93819
=triangle.kansas 5.0.0.0         16   64    0 0.00000  0.000000 0.00000
=afs3.cern.ch    5.0.0.0         16   64    0 0.00000  0.000000 0.00000
=ntp0.cs.strath. 132.77.8.144     2   64   17 0.10712 56.065978 0.93829
=tock.CS.UNLV.ED 132.77.8.144     2   64   17 0.44685 55.969877 0.94002
=CYAN.SRV.CS.CMU 132.77.8.144     2   64   17 0.58528 56.069631 0.93822
=tick.CS.UNLV.ED 132.77.8.144     3   64   17 0.44951 55.964012 0.94000
=castor.nevada.e 132.77.8.144     2   64   17 0.44615 55.981761 0.93864


[root at camelia-pc ~]# /usr/local/bin/ntpdc -c loopinfo camelia-pc
offset:               0.000000 s
frequency:            0.000 ppm
poll adjust:          0
watchdog timer:       289 s

[root at camelia-pc ~]# date
Wed Mar 22 08:08:09 IDT 2000

Like this even in cern I couldn't get krb authentication.
After this I simply changed the time with date command to cern time and I
succeeded to get a krb ticket in cern.ch and the results are :



t at camelia-pc ~]# /usr/local/bin/ntpd
[root at camelia-pc ~]# /usr/local/bin/ntptrace camelia-pc
camelia-pc.weizmann.ac.il: stratum 16, offset -0.000001, synch distance 0.00002
0.0.0.0:        *Not Synchronized*


[root at camelia-pc ~]# /usr/local/bin/ntpdc -p camelia-pc
     remote           local      st poll reach  delay   offset    disp
=======================================================================
=ymer.netcetera. 132.77.8.144     2   64    3 0.48047 55.956829 3.93774
=bernina-rz-fddi 132.77.8.144     2   64    1 0.11761 56.065479 7.93750
=whale.waikato.a 132.77.8.144     3   64    1 0.65112 55.938293 7.93750
=coyote.gw.uiuc. 132.77.8.144     2   64    1 0.59273 56.064561 7.93750
=triangle.kansas 5.0.0.0         16   64    0 0.00000  0.000000 0.00000
=afs3.cern.ch    5.0.0.0         16   64    0 0.00000  0.000000 0.00000
=ntp0.cs.strath. 132.77.8.144     2   64    1 0.10907 56.062576 7.93750
=tock.CS.UNLV.ED 132.77.8.144     2   64    1 0.45242 55.964213 7.93848
=CYAN.SRV.CS.CMU 132.77.8.144     2   64    1 0.58583 56.066664 7.93752
=tick.CS.UNLV.ED 132.77.8.144     3   64    1 0.45215 55.959246 7.93848
=castor.nevada.e 132.77.8.144     2   64    1 0.44640 55.978294 7.93774

[root at camelia-pc ~]# /usr/local/bin/ntpdc -c loopinfo camelia-pc
offset:               0.000000 s
frequency:            0.000 ppm
poll adjust:          0
watchdog timer:       182 s


But even with the hour changed for cern.ch,rhic.bnl.gov or desy.de  I
couldn't get kauth in rhic
and desy.de ;

for rhic I get the message 

kuath:Can't get inter-realm ticket granting ticket (get_ad_tkt)  

and for desy.de

kauth: Permission Denied (kerberos).

The truth is that now I'm very confused about what shall I do tho get
remote access to all afs cells at the same time.



Camelia Botez

System Administrator
Weizmann Institute of Science - Physics Faculty
E-mail
camelia.botez at weizmann.ac.il
Phone 972-8-9343288
Fax   972-8-9344106 or 972-8-9344102

More information about the Arla-drinkers mailing list