openafs/doc/html/AdminReference/auarf199.htm

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 4//EN">
<HTML><HEAD>
<TITLE>Administration Reference</TITLE>
<!-- Begin Header Records  ========================================== -->
<!-- /tmp/idwt3672/auarf000.scr converted by idb2h R4.2 (359) ID      -->
<!-- Workbench Version (AIX) on 3 Oct 2000 at 16:18:30                -->
<META HTTP-EQUIV="updated" CONTENT="Tue, 03 Oct 2000 16:18:29">
<META HTTP-EQUIV="review" CONTENT="Wed, 03 Oct 2001 16:18:29">
<META HTTP-EQUIV="expires" CONTENT="Thu, 03 Oct 2002 16:18:29">
</HEAD><BODY>
<!-- (C) IBM Corporation 2000. All Rights Reserved    --> 
<BODY bgcolor="ffffff"> 
<!-- End Header Records  ============================================ -->
<A NAME="Top_Of_Page"></A>
<H1>Administration Reference</H1>
<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf198.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Bot_Of_Page"><IMG SRC="../bot.gif" BORDER="0" ALT="[Bottom of Topic]"></A> <A HREF="auarf200.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P> 
<P>
<H2><A NAME="HDRKDB" HREF="auarf002.htm#ToC_213">kdb</A></H2>
<A NAME="IDX5173"></A>
<A NAME="IDX5174"></A>
<A NAME="IDX5175"></A>
<P><STRONG>Purpose</STRONG>
<P>Displays log or privileged actions performed by the Authentication Server
<P><STRONG>Synopsis</STRONG>
<PRE><B>kdb</B> [<B>-dbmfile</B> &lt;<VAR>dbmfile&nbsp;to&nbsp;use&nbsp;(default&nbsp;/usr/afs/logs/AuthLog)</VAR>>]  
    [<B>-key</B> &lt;<VAR>extract&nbsp;entries&nbsp;that&nbsp;match&nbsp;specified&nbsp;key</VAR>>]  [<B>-help</B>]
  
</PRE>
<P><STRONG>Description</STRONG>
<P>The <B>kdb</B> command displays the contents of the
<B>AuthLog.dir</B> and <B>AuthLog.pag</B> files
associated with the <B>AuthLog</B> file that resides on the local disk, by
default in the <B>/usr/afs/logs</B> directory. The files must exist
in that directory, which normally implies that the Authentication Server is
running on the machine. The files contain information on privileged
actions performed by the Authentication Server.
<P><STRONG>Cautions</STRONG>
<P>It is possible that on some operating systems that AFS otherwise supports,
the Authentication Server cannot create the
<B>/usr/afs/logs/AuthLog.dir</B> and
<B>/usr/afs/logs/AuthLog.pag</B> files, making this command
inoperative. See the <I>IBM AFS Release Notes</I> for
details.
<P><STRONG>Options</STRONG>
<DL>
<P><DT><B>-dbmfile
</B><DD>Specifies the pathname of the file to display. Provide either a
complete pathname, a pathname relative to the <B>/usr/afs/logs</B>
directory, or a filename only, in which case the file must reside in the
<B>/usr/afs/logs</B> directory. Omit this argument to display
information from the <B>AuthLog.dir</B> and
<B>AuthLog.pag</B> files in the <B>/usr/afs/logs</B>
directory.
<P><DT><B>-key
</B><DD>Specifies each entry to be displayed from the indicated file.
<P><DT><B>-help
</B><DD>Prints the online help for this command. All other valid options
are ignored.
</DL>
<P><STRONG>Output</STRONG>
<P>The first line of output indicates the location of the files from which the
subsequent information is derived:
<PRE>   Printing all entries found in <VAR>file_location</VAR>
</PRE>
<P>Each entry then includes the following two fields, separated by a
colon:
<DL>
<P><DT><B><TT>user/server</TT>
</B><DD>Identifies the user requesting the corresponding service and the server
that performed that service. In cases where no user is directly
involved, only the server appears; in cases where no server is directly
involved, only the user appears.
<P><DT><B><TT>service</TT>
</B><DD>Identifies one of the following actions or services performed by the user
or server process. 
<UL>
<P><LI><TT>auth</TT>: Obtained a ticket-granting ticket
<P><LI><TT>chp</TT>: Changed a user password
<P><LI><TT>cruser</TT>: Created a user entry in the Authentication
Database
<P><LI><TT>delu</TT>: Deleted a user entry from the Authentication
Database
<P><LI><TT>gtck</TT>: Obtained a ticket other than a ticket-granting
ticket
<P><LI><TT>setf</TT>: Set fields in an Authentication Database entry
<P><LI><TT>unlok</TT>: Unlocked an Authentication Database entry
</UL>
</DL>
<P>The final line of output sums the number of entries.
<P><STRONG>Examples</STRONG>
<P>The following example shows the output of the <B>kdb</B> command in the
ABC Corporation cell (<B>abc.com</B>):
<PRE>   % <B>kdb</B>
   Printing all entries found in /usr/afs/logs/AuthLog
   admin,krbtgt.ABC.COM:auth
   admin,afs:gtck
   admin:cruser
   admin:delu
   4 entries were found
   
</PRE>
<P><STRONG>Privilege Required</STRONG>
<P>The issuer must be logged in as the local superuser <B>root</B>.
<P><STRONG>Related Information</STRONG>
<P><A HREF="auarf013.htm#HDRWQ5">AuthLog.dir, AuthLog.pag</A>
<P><A HREF="auarf102.htm#HDRBOS_GETLOG">bos getlog</A>
<P><A HREF="auarf198.htm#HDRKASERVER">kaserver</A>
<P>
<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf198.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Top_Of_Page"><IMG SRC="../top.gif" BORDER="0" ALT="[Top of Topic]"></A> <A HREF="auarf200.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P> 
<!-- Begin Footer Records  ========================================== -->
<P><HR><B> 
<br>&#169; <A HREF="http://www.ibm.com/">IBM Corporation 2000.</A>  All Rights Reserved 
</B> 
<!-- End Footer Records  ============================================ -->
<A NAME="Bot_Of_Page"></A>
</BODY></HTML>