openafs/doc/html/AdminReference/auarf235.htm

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 4//EN">
<HTML><HEAD>
<TITLE>Administration Reference</TITLE>
<!-- Begin Header Records  ========================================== -->
<!-- /tmp/idwt3672/auarf000.scr converted by idb2h R4.2 (359) ID      -->
<!-- Workbench Version (AIX) on 3 Oct 2000 at 16:18:30                -->
<META HTTP-EQUIV="updated" CONTENT="Tue, 03 Oct 2000 16:18:29">
<META HTTP-EQUIV="review" CONTENT="Wed, 03 Oct 2001 16:18:29">
<META HTTP-EQUIV="expires" CONTENT="Thu, 03 Oct 2002 16:18:29">
</HEAD><BODY>
<!-- (C) IBM Corporation 2000. All Rights Reserved    --> 
<BODY bgcolor="ffffff"> 
<!-- End Header Records  ============================================ -->
<A NAME="Top_Of_Page"></A>
<H1>Administration Reference</H1>
<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf234.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Bot_Of_Page"><IMG SRC="../bot.gif" BORDER="0" ALT="[Bottom of Topic]"></A> <A HREF="auarf236.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P> 
<P>
<H2><A NAME="HDRTOKENS" HREF="auarf002.htm#ToC_249">tokens</A></H2>
<A NAME="IDX5475"></A>
<A NAME="IDX5476"></A>
<A NAME="IDX5477"></A>
<A NAME="IDX5478"></A>
<A NAME="IDX5479"></A>
<A NAME="IDX5480"></A>
<P><STRONG>Purpose</STRONG>
<P>Displays the issuer's tokens
<P><STRONG>Synopsis</STRONG>
<PRE><B>tokens</B> [<B>-help</B>]
   
<B>tokens</B> [<B>-h</B>]
</PRE>
<P><STRONG>Description</STRONG>
<P>The <B>tokens</B> command displays all tokens (tickets) cached on the
local machine for the issuer. AFS server processes require that their
clients present a token as evidence that they have authenticated in the
server's local cell.
<TABLE><TR><TD ALIGN="LEFT" VALIGN="TOP"><B>Note:</B></TD><TD ALIGN="LEFT" VALIGN="TOP">The <B>tokens.krb</B> version of this command is intended for use
by sites that employ standard Kerberos authentication for their
clients. The <B>tokens.krb</B> command provides all of the
functionality of the <B>tokens</B> command. In addition, it
provides information on the Kerberos tickets stored in the file specified by
the KRBTKFILE environment variable (the <B>/tmp/tkt</B><VAR>X</VAR> file,
where <VAR>X</VAR> is the number of the user's PAG).
</TD></TR></TABLE>
<P><STRONG>Options</STRONG>
<DL>
<P><DT><B>-help
</B><DD>Prints the online help for this command. All other valid options
are ignored.
</DL>
<P><STRONG>Output</STRONG>
<P>The output lists one token for each cell in which the user is
authenticated. The output indicates the
<UL>
<P><LI>User's AFS UID, if it is available for display.
<P><LI>Server for which the token is valid (normally, <B>afs</B>).
This includes a cell specification.
<P><LI>Day and time the token expires.
</UL>
<P>The output of the Kerberos version of this command,
<B>tokens.krb</B>, also reports the following about the Kerberos
ticket-granting ticket: the ticket owner, which Kerberos ticket-granting
service that issued the ticket (for example,
<B>krbtgt.ABC.COM</B>), and ticket's expiration
date.
<P>The string <TT>--End of list--</TT> appears at the end of the
output. If the user is not authenticated in any cell, this line is all
that appears.
<P><STRONG>Examples</STRONG>
<P>The following example shows the output when the issuer is not authenticated
in any cell.
<PRE>   % <B>tokens</B>
   Tokens held by the Cache Manager:
   
      --End of list--
   
</PRE>
<P>The following example shows the output when the issuer is authenticated in
ABC Corporation cell, where he or she has AFS UID 1000.
<PRE>   % <B>tokens</B>
   Tokens held by the Cache Manager:
   
   User's (AFS ID 1000) tokens for afs@abc.com [Expires Jan 2 10:00]
      --End of list--
   
</PRE>
<P>The following example shows the output when the issuer is authenticated in
the ABC Corporation cell, the State University cell, and the XYZ Company
cell. The user has different AFS UIDs in the three cells. Tokens
for last cell are expired:
<PRE>   % <B>tokens</B>
   Tokens held by the Cache Manager:
      
   User's (AFS ID 1000) tokens for afs@abc.com [Expires Jan 3 10:00]
   User's (AFS ID 4286) tokens for afs@stateu.edu [Expires Jan 3 1:34]
   User's (AFS ID 22) tokens for afs@xyz.com [>>Expired&lt;]
      --End of list--
   
</PRE>
<P>The following example shows the output when the issuer uses the
<B>tokens.krb</B> version of the command after authenticating in
the ABC Corporation cell using the <B>klog.krb</B> command.
<PRE>   % <B>tokens.krb</B>
   Tokens held by the Cache Manager:
      
   User's (AFS ID 1000) tokens for afs@abc.com [Expires Jan 31 00:09]
   User smiths tokens for krbtgt.ABC.COM@abc.com [Expires Jan 31 00:09]
      --End of list--
   
</PRE>
<P><STRONG>Privilege Required</STRONG>
<P>None
<P><STRONG>Related Information</STRONG>
<P><A HREF="auarf200.htm#HDRKLOG">klog</A>
<P><A HREF="auarf238.htm#HDRUNLOG">unlog</A>
<P>
<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf234.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Top_Of_Page"><IMG SRC="../top.gif" BORDER="0" ALT="[Top of Topic]"></A> <A HREF="auarf236.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P> 
<!-- Begin Footer Records  ========================================== -->
<P><HR><B> 
<br>&#169; <A HREF="http://www.ibm.com/">IBM Corporation 2000.</A>  All Rights Reserved 
</B> 
<!-- End Footer Records  ============================================ -->
<A NAME="Bot_Of_Page"></A>
</BODY></HTML>