(Illustration by Gaich Muramatsu)
>> [root_at_sandbox3 ~]# ctokens >> >> Tokens [local user id: root] >> >> [root_at_sandbox3 ~]# clog -method kerberos5 coda_admin_user_at_coda.realm >> -tokenserver sandbox2.host.domain 370 -krealm KERBEROS.REALM -kdc >> sandbox2.host.domain -servprinc coda/coda.realm >> Password for coda_admin_user/default_at_coda.realm: >> [root_at_sandbox3 ~]# ctokens >> >> Tokens [local user id: root] >> >> [root_at_sandbox3 ~]# ls /coda/ > > That looks bad. You should see a token but there is nothing? > >> So, no errors on clog! Progress! > > Not as much, unfortunately :) > >> why can't I see /coda/coda.realm? > > Normally you do not see a Coda realm until you supply its name to "ls", > but clog is usually sufficient to make it appear. > > Can you manage to get tokens with coda password instead? > I guess there is some other problem, possibly not Kerberos-related. Found the following for setting the password for a new user: http://www.coda.cs.cmu.edu/doc/ps/manual.ps.gz Apparently you create the user via pdbtool (already done). Then set the password by issuing an "au" command (something you had also mentioned in an earlier correspondance). I have created users with pdbtool, so that is done. However, I am unclear whether the following "au" dialog is asking for an admin user/pass or whether is is asking for the actual user/pass of the new user. Either way, it doesn't work: [root_at_sandbox2 ~]# au -h sandbox2.host.domain nu Your Vice name: newly_created_coda_user_at_coda.realm Your password:[blank] RPC2_Bind() --> RPC2_NOTAUTHENTICATED (F) [root_at_sandbox2 ~]# au -h sandbox2.host.domain nu Your Vice name: newly_created_coda_user_at_coda.realm Your password:[random_password] RPC2_Bind() --> RPC2_NOTAUTHENTICATED (F) [root_at_sandbox2 ~]# au -h sandbox2.host.domain nu Your Vice name: coda_admin Your password:[blank] RPC2_Bind() --> RPC2_NOTAUTHENTICATED (F) [root_at_sandbox2 ~]# au -h sandbox2.host.domain nu Your Vice name: coda_admin_at_coda.realm Your password:[blank] RPC2_Bind() --> RPC2_NOTAUTHENTICATED (F) [root_at_sandbox2 ~]# au -h sandbox2.host.domain nu Your Vice name: kerberos_admin_at_KERBEROS.REALM Your password:[blank] RPC2_Bind() --> RPC2_NOTAUTHENTICATED (F) Beyond not knowing the format of the user to type in and which user/pass (though I'm pretty sure it is asking for auth info for sufficient writes to update the coda password db), I do not know what the default coda password is for newly created accounts. Similarly, I do not know the password for the default coda user "realmadmin" (created by install, but I don't recall setting a password?). >> Also, I'd like to clarify whether a "coda.realm" is what this page refers >> to as "Coda volume": > > No. A Coda realm is definitely a totally different thing than a Cdoa > volume. > >> http://www.coda.cs.cmu.edu/trac/wiki/CodaHOWTO/Introduction > > Oh terrible thing, they call a Coda realm for "Coda cell" in this > document. Really confusing. > > This page is clearly many years out of date. It is certainly misleading > for an inexperienced reader. I think that ought to be the motto for coda. It is encouraging to see that it has already been updated. Regards, -Don {void}Received on 2010-01-21 07:17:08