From mboxrd@z Thu Jan 1 00:00:00 1970 Date: Tue, 5 Nov 1996 12:09:24 -0600 From: Brandon Black photon@nol.net Subject: Need more help.... PC Plan 9 Net Topicbox-Message-UUID: 50efffa8-eac8-11e9-9e20-41e7f4b1d025 Message-ID: <19961105180924.99ZRaIGY5PpIsIhA7i0FaHAwRoYDQvpnz-OtCON7DIU@z> Well... I've gotten farther along the road than I was, but I have once again come across a roadblock that is getting frustrating... brief view of the system's setup is: 3 PC's (1 file server, one cpu/auth, one terminal), 3c509 and 509B cards in them, all 486/Pentium machines w/ 32Mb RAM each.. fs has a 2Gb drive on an AHA1542CF controller. Systems was set up as per the directions in the book, except (thanks Forsyth) chaning the "Auth Server Address" that the Auth server asks for to 0.1.0.0 instead of 0.0.0.0 (using the real IP address of itself works too, but is slower, so I've stuck to 0.1.0.0).... Set up like this, I could boot and use the file and cpu servers fine, but couldn't get a terminal to boot under a regular username, only as none. With a regular username, authentication failed when attaching to the fileserver. Then I discovered in the web page version of the install docs a missing step in the book: Doing an "auth/changeuser" on the Auth-ID after you bring your auth/cpu server up the first time. Armed with the new knowledge, I re-installed from scratch, including this step, and now I can log into the terminal machine as a normal user, and everything seems fine... two funny things are still bugging me, so I _know_ I still have something wrong.... 1. Other than a breif mention on putting the normal user accounts of the system programmers into the "sys" group, no docs make mention of special group assignments being neccesary for the authid user itself. I found that in order to perform routine maintenance tasks on the cpu server console (i.e. add users, edit /lib/ndb/local, change timezone, etc...), I had to use the fileserver console's newuser command to addn my authid user to the "sys" and "adm" groups.... The sys part seems right to me... but surely my adding my authid to the adm group is a workaround hack for something else i did wrong..... If I leave the authid out of the "adm" memberlist, when I add a new user, keyfs says: "Can't write keyfile"..... 2. While I can boot a terminal under a normal username now, and the attach works, permissions and functionailty all seem to be in place, anything I try to do on the terminal that requires additional authentication fails.... the "passwd" command says cs can't translate the address: net!$auth!ticket ... even if i define an env var. called "auth" to be the hostname of the cpu/auth server, it still says that.... the "con" and "cpu" commands, when used to try to get a shell on the cpu server, both fail with something like: "gatekeeper: can't connect to AS" (gatekeeper is the name of the AS, and the machine I'm con/cpu-ing to)... Can anyone make sense of all this and tell me the fatal flaw(s) in my system setup that I must correct to get around these authentication problems? .............................................. : Brandon Lee Black : photon@gnu.ai.mit.edu : :....................: photon@nol.net : : "Sanity is the : photon@vanity.ops.org : : trademark of a : vis_blb@unx1.shsu.edu : : weak mind. . ." : +1 713 397 3490 : :....................:.......................: