Integrated Login problem

R. Laatsch a0049 at
Sun Nov 18 04:22:54 EST 2012

Dear all,
there is a problem with Integrated Login here.

This is my setup:
Server: 'slinux.localdomain' (SL58) with AFS cell test.rl and krb5kdc for realm TEST2.RL
(not the standard name).
The Afs version is openafs-1.6.1, the krb5 version is krb5-1.10.3 .
The kdc has entries for the user and afs/test.rl (DES type).

Client: Windows-7 (VirtualBox) with AFS, KfW, NIM installed. Realm set to TEST2.RL
The KfW version is MIT 3.2.2

Login to the Client gives an 'unknown RPC error (-1765328164)' and no AFS token.
Doing manually 'gssklog.exe' (with password), i do get a token.
But there seems to be no 'gssklog Auth Provider' for NIM, that could help circumvent the 
'wrong realm name' problems.
On the linux server after kinit user, aklog -d gets me a working token. 

The realm name was chosen to check out problems under Windows.
I do *NOT* want CrossRealm Authentication.

Any help in this matter would be greatly appreciated.

Somewhere I found 'linked cells' mentioned (double named cells in CellServDB), but no hints
to do it correctly. Did someone use this to bypass above problem?

Best regards

More information about the Kerberos mailing list