Kerberos authentication problem on MacOS X
Samuel L. Bayer
sam at linus.mitre.org
Thu Apr 12 19:49:43 CEST 2001
All -
I'm running MacOS X 10.0 on a G4. I downloaded the prebuilt ARLA
package for Darwin 1.3 from the ARLA home page, and also the source
package for 0.35.3. I set up ARLA from the binary package using the
INSTALL instructions in the source package.
We use AFS locally at my company, and we have a local cell served by
Transarc AFS 3.6, patch level 2, which uses Kerberos 4
authentication. I can view our local public AFS space with no problem;
however, I cannot authenticate to our Kerberos server. Here's what I
get:
sam% /usr/arla/bin/klog
Unable to find service afs3-prserver/udp, using port 7002
sam at rcf.mitre.org's Password:
kerberos-iv/udp unknown service, using default port 750
/usr/arla/bin/klog: Unable to authenticate to Kerberos: Can't send request (send_to_kdc)
I get the same message when I use the kinit command which comes with
MacOS X:
sam% kinit -4 sam at rcf.mitre.org
Password for sam at rcf.mitre.org:
kinit(v4): Can't send request (send_to_kdc)
I've found a number of potential reasons for this error on the Web,
none of which are my problem:
- no appropriate entries in /etc/services (the defaults seem to be the
right defaults, and our AFS and Kerberos servers are using the same
defaults)
- unsynchronized system clock (synchronized the clock, still broken)
- network connectivity problems (I can telnet to hosts on the same
subnet as the AFS server server; I can't log
in to the AFS server directly because login is disabled for
nonsysadmins)
I know that the Kerberos client is finding the server, because when I
feed it a bad cell name, it reports that it can't find a server for
that cell.
Any ideas?
Thanks in advance -
Sam Bayer
The MITRE Corporation
sam at mitre.org
More information about the Arla-drinkers
mailing list