From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <3D2DB04B.8070207@nas.com> From: Jack Johnson User-Agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.0.0) Gecko/20020530 MIME-Version: 1.0 To: 9fans@cse.psu.edu Subject: Re: [9fans] authdom still References: <20020711094617.5D2FD19AA0@mail.cse.psu.edu> <004801c228d6$74c316d0$6501a8c0@xpire> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Date: Thu, 11 Jul 2002 09:20:27 -0700 Topicbox-Message-UUID: c968a41a-eaca-11e9-9e20-41e7f4b1d025 matt wrote: > but I still get the dreaded > authentication failure:auth server protocol botch > > /me giving up :( > > sys=tiger dom=tiger.punx ip=192.168.1.109 ether=00c0f0404d88 > > sys=gw dom=gw.punx ip=192.168.1.1 ether=002078C5EB1A > > ipnet=lucid ip=192.168.1.0 ipmask=255.255.255.0 > ipgw=gw > dns=194.168.4.100 # my isp > dns=194.168.8.100 # my isp > dnsdomain=punx > auth=tiger authdom=punx > cpu=tiger Hi Matt, I'm new at this, too, so take this all with a grain of salt. The man pages say that the configuration should walk the IP path, but I found that I had to specify the auth and authdom for the specific host as well. It may be different if your CPU server is also your DHCP server, I'm not sure. So, something to try is changing your /lib/ndb/local entry for tiger to: sys=tiger dom=tiger.punx ip=192.168.1.109 ether=00c0f0404d88 auth=tiger authdom=punx In my environment, my CPU server is not my DHCP server, and configured similarly to what you have going on currently, ndb/ipquery would not return auth or authdom values for hosts in the ipnet. For instance, I'm guessing using your current config that if you try: ndb/ipquery ip 192.168.1.109 auth you'll get a blank response, even though the documentation seems to say otherwise. The way I read it, 'ndb/ipquery ip 192.168.1.anything auth' *should* report auth=tiger but I haven't been able to replicate that with any success (yet). Someone please correct me if I'm wrong. If you do get the correct auth response from the above command, a couple of other things you could check (speaking from experience) is to ensure that include=/lib/ndb/auth is in your /lib/ndb/local (if that's where you made the change suggested in the wiki), make sure the information and password you entered when the nvram checksum failed is the same that you entered for bootes using auth/changeuser. One allows passwords of a different length than the other, so choose wisely. Other than that, good luck! -Jack