making kerberosV and afs work on your (freshly installed) OpenBSD 3.6 box:

david l goodrich
www.dorkzilla.org/~dlg


just copy-paste everything until the beginning of the patch
to a console logged in as root.


# set up the config files
cp /etc/kerberosV/krb5.conf.example /etc/kerberosV/krb5.conf
cat >> /etc/rc.local << EOF
afs=YES
ntpd_flags=""
EOF
mkdir -p -m 0755 /afs
mount -t xfs /dev/xfs0 /afs
ftp -o - http://www.dorkzilla.org/~dlg/ISU-OpenBSD-kerberos.patch | patch
# then start the daemons
/usr/libexec/afsd
/usr/sbin/ntpd
# end of commands


--- /etc/kerberosV/krb5.conf	Fri Sep 17 12:59:14 2004
+++ /etc/kerberosV/krb5.conf	Thu Jan 20 23:43:23 2005
@@ -17,8 +17,14 @@
 #
 [libdefaults]
 	# Set the realm of this host here
-        default_realm = MY.REALM
+        default_realm = IASTATE.EDU
+        krb4_get_tickets = true
+        krb5_get_tickets = true
+        forwardable = true
+        afslog = yes
+        dns_lookup_kdc = no
 
+
 	# Maximum allowed time difference between KDC and this host
 	clockskew = 300
 
@@ -27,25 +33,14 @@
 	# no-addresses = yes
 
 [realms]
-	MY.REALM = {
-		# Specify KDC here
-		kdc = kerberos.my.domain
-
-		# Administration server, used for creating users etc.
-		admin_server = kerberos.my.domain
+	IASTATE.EDU = {
+		kdc = kerberos-1.iastate.edu 
 	}
 
-	# Example of a "foreign" realm
-	OTHER.REALM = {
-		kdc = kerberos.other.domain
-		default_domain = other.domain
-		v4_domains = other.domain
-	}
-
 # This sections describes how to figure out a realm given a DNS name
 [domain_realm]
-	.my.domain = MY.REALM
-
+	iastate.edu = IASTATE.EDU
+	.iastate.edu = IASTATE.EDU
 
 [kadmin]
 	# This is the trickiest part of a Kerberos installation. See the