[hcoop/debian/openafs.git] / doc / man-pages / pod1 / tokens.pod

=head1 NAME

tokens, tokens.krb - Displays the issuer's tokens

=head1 SYNOPSIS

=for html
<div class="synopsis">

B<tokens> [B<-help>]

B<tokens> [B<-h>]

B<tokens.krb> [B<-help>]

B<tokens.krb> [B<-h>]

=for html
</div>

=head1 DESCRIPTION

The B<tokens> command displays all tokens (tickets) cached on the local
machine for the issuer. AFS server processes require that their clients
present a token as evidence that they have authenticated in the server's
local cell.

The (mostly obsolete) B<tokens.krb> command is the same as B<tokens>
except that it also displays the user's Kerberos v4 ticket cache.

=head1 OPTIONS

=over 4

=item B<-help>

Prints the online help for this command. All other valid options are
ignored.

=back

=head1 OUTPUT

The output lists one token for each cell in which the user is
authenticated. The output indicates the

=over 2

=item *

User's AFS UID, if it is available for display.

=item *

Server for which the token is valid (normally, afs).  This includes a cell
specification.

=item *

Day and time the token expires.

=back

The output of the Kerberos version of this command, B<tokens.krb>, also
reports the following about the Kerberos ticket-granting ticket: the
ticket owner, which Kerberos ticket-granting service that issued the
ticket (for example, C<krbtgt.EXAMPLE.COM>), and ticket's expiration date.

The string C<--End of list--> appears at the end of the output. If the
user is not authenticated in any cell, this line is all that appears.

=head1 EXAMPLES

The following example shows the output when the issuer is not
authenticated in any cell.

   % tokens
   Tokens held by the Cache Manager:

      --End of list--

The following example shows the output when the issuer is authenticated in
Example Corporation cell, where he or she has AFS UID 1000.

   % tokens
   Tokens held by the Cache Manager:

   User's (AFS ID 1000) tokens for afs@example.com [Expires Jan 2 10:00]
      --End of list--

The following example shows the output when the issuer is authenticated in
the Example Corporation cell, the Example Organization cell, and the Example
Network cell. The user has different AFS UIDs in the three cells. Tokens for
last cell are expired:

   % tokens
   Tokens held by the Cache Manager:

   User's (AFS ID 1000) tokens for afs@example.com [Expires Jan 3 10:00]
   User's (AFS ID 4286) tokens for afs@example.org [Expires Jan 3 1:34]
   User's (AFS ID 22) tokens for afs@example.net [>>Expired<]
      --End of list--

The following example shows the output when the issuer uses the
B<tokens.krb> version of the command after authenticating in the Example
Corporation cell using the B<klog.krb> command.

   % tokens.krb
   Tokens held by the Cache Manager:

   User's (AFS ID 1000) tokens for afs@example.com [Expires Jan 31 00:09]
   User smiths tokens for krbtgt.EXAMPLE.COM@example.com [Expires Jan 31 00:09]
      --End of list--

=head1 PRIVILEGE REQUIRED

None

=head1 SEE ALSO

L<klog(1)>,
L<unlog(1)>

=head1 COPYRIGHT

IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

This documentation is covered by the IBM Public License Version 1.0.  It was
converted from HTML to POD by software written by Chas Williams and Russ
Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
Commit	Line	Data
805e021f CE	1	=head1 NAME
	2
	3	tokens, tokens.krb - Displays the issuer's tokens
	4
	5	=head1 SYNOPSIS
	6
	7	=for html
	8	<div class="synopsis">
	9
	10	B<tokens> [B<-help>]
	11
	12	B<tokens> [B<-h>]
	13
	14	B<tokens.krb> [B<-help>]
	15
	16	B<tokens.krb> [B<-h>]
	17
	18	=for html
	19	</div>
	20
	21	=head1 DESCRIPTION
	22
	23	The B<tokens> command displays all tokens (tickets) cached on the local
	24	machine for the issuer. AFS server processes require that their clients
	25	present a token as evidence that they have authenticated in the server's
	26	local cell.
	27
	28	The (mostly obsolete) B<tokens.krb> command is the same as B<tokens>
	29	except that it also displays the user's Kerberos v4 ticket cache.
	30
	31	=head1 OPTIONS
	32
	33	=over 4
	34
	35	=item B<-help>
	36
	37	Prints the online help for this command. All other valid options are
	38	ignored.
	39
	40	=back
	41
	42	=head1 OUTPUT
	43
	44	The output lists one token for each cell in which the user is
	45	authenticated. The output indicates the
	46
	47	=over 2
	48
	49	=item *
	50
	51	User's AFS UID, if it is available for display.
	52
	53	=item *
	54
	55	Server for which the token is valid (normally, afs). This includes a cell
	56	specification.
	57
	58	=item *
	59
	60	Day and time the token expires.
	61
	62	=back
	63
	64	The output of the Kerberos version of this command, B<tokens.krb>, also
65	reports the following about the Kerberos ticket-granting ticket: the
66	ticket owner, which Kerberos ticket-granting service that issued the
67	ticket (for example, C<krbtgt.EXAMPLE.COM>), and ticket's expiration date.
68
69	The string C<--End of list--> appears at the end of the output. If the
70	user is not authenticated in any cell, this line is all that appears.
71
72	=head1 EXAMPLES
73
74	The following example shows the output when the issuer is not
75	authenticated in any cell.
76
77	% tokens
78	Tokens held by the Cache Manager:
79
80	--End of list--
81
82	The following example shows the output when the issuer is authenticated in
83	Example Corporation cell, where he or she has AFS UID 1000.
84
85	% tokens
86	Tokens held by the Cache Manager:
87
88	User's (AFS ID 1000) tokens for afs@example.com [Expires Jan 2 10:00]
89	--End of list--
90
91	The following example shows the output when the issuer is authenticated in
92	the Example Corporation cell, the Example Organization cell, and the Example
93	Network cell. The user has different AFS UIDs in the three cells. Tokens for
94	last cell are expired:
95
96	% tokens
97	Tokens held by the Cache Manager:
98
99	User's (AFS ID 1000) tokens for afs@example.com [Expires Jan 3 10:00]
100	User's (AFS ID 4286) tokens for afs@example.org [Expires Jan 3 1:34]
101	User's (AFS ID 22) tokens for afs@example.net [>>Expired<]
102	--End of list--
103
104	The following example shows the output when the issuer uses the
105	B<tokens.krb> version of the command after authenticating in the Example
106	Corporation cell using the B<klog.krb> command.
107
108	% tokens.krb
109	Tokens held by the Cache Manager:
110
111	User's (AFS ID 1000) tokens for afs@example.com [Expires Jan 31 00:09]
112	User smiths tokens for krbtgt.EXAMPLE.COM@example.com [Expires Jan 31 00:09]
113	--End of list--
114
115	=head1 PRIVILEGE REQUIRED
116
117	None
118
119	=head1 SEE ALSO
120
121	L<klog(1)>,
122	L<unlog(1)>
123
124	=head1 COPYRIGHT
125
126	IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
127
128	This documentation is covered by the IBM Public License Version 1.0. It was
129	converted from HTML to POD by software written by Chas Williams and Russ
130	Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.