From: Jack Johnson <fragment@nas.com>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] authdom still
Date: Thu, 11 Jul 2002 09:20:27 -0700 [thread overview]
Message-ID: <3D2DB04B.8070207@nas.com> (raw)
In-Reply-To: <004801c228d6$74c316d0$6501a8c0@xpire>
matt wrote:
> but I still get the dreaded
> authentication failure:auth server protocol botch
>
> /me giving up :(
>
> sys=tiger dom=tiger.punx ip=192.168.1.109 ether=00c0f0404d88
>
> sys=gw dom=gw.punx ip=192.168.1.1 ether=002078C5EB1A
>
> ipnet=lucid ip=192.168.1.0 ipmask=255.255.255.0
> ipgw=gw
> dns=194.168.4.100 # my isp
> dns=194.168.8.100 # my isp
> dnsdomain=punx
> auth=tiger authdom=punx
> cpu=tiger
Hi Matt,
I'm new at this, too, so take this all with a grain of salt.
The man pages say that the configuration should walk the IP path, but I
found that I had to specify the auth and authdom for the specific host
as well. It may be different if your CPU server is also your DHCP
server, I'm not sure.
So, something to try is changing your /lib/ndb/local entry for tiger to:
sys=tiger dom=tiger.punx ip=192.168.1.109 ether=00c0f0404d88
auth=tiger authdom=punx
In my environment, my CPU server is not my DHCP server, and configured
similarly to what you have going on currently, ndb/ipquery would not
return auth or authdom values for hosts in the ipnet.
For instance, I'm guessing using your current config that if you try:
ndb/ipquery ip 192.168.1.109 auth
you'll get a blank response, even though the documentation seems to say
otherwise. The way I read it, 'ndb/ipquery ip 192.168.1.anything auth'
*should* report auth=tiger but I haven't been able to replicate that
with any success (yet).
Someone please correct me if I'm wrong.
If you do get the correct auth response from the above command, a couple
of other things you could check (speaking from experience) is to ensure
that include=/lib/ndb/auth is in your /lib/ndb/local (if that's where
you made the change suggested in the wiki), make sure the information
and password you entered when the nvram checksum failed is the same that
you entered for bootes using auth/changeuser. One allows passwords of a
different length than the other, so choose wisely.
Other than that, good luck!
-Jack
next prev parent reply other threads:[~2002-07-11 16:20 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-07-11 9:45 [9fans] xscreensaver ports okamoto
2002-07-11 12:28 ` [9fans] authdom still matt
2002-07-11 16:20 ` Jack Johnson [this message]
2002-07-14 18:57 ` [9fans] authdom - working matt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3D2DB04B.8070207@nas.com \
--to=fragment@nas.com \
--cc=9fans@cse.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).