NAME

       tokens, tokens.krb - Displays the issuer's tokens

SYNOPSIS

       tokens [-help]

       tokens [-h]

       tokens.krb [-help]

       tokens.krb [-h]

DESCRIPTION

       The tokens command displays all tokens (tickets) cached on the local machine for the
       issuer. AFS server processes require that their clients present a token as evidence that
       they have authenticated in the server's local cell.

       The (mostly obsolete) tokens.krb command is the same as tokens except that it also
       displays the user's Kerberos v4 ticket cache.

OPTIONS

       -help
           Prints the online help for this command. All other valid options are ignored.

OUTPUT

       The output lists one token for each cell in which the user is authenticated. The output
       indicates the

       • User's AFS UID, if it is available for display.

       • Server for which the token is valid (normally, afs).  This includes a cell
         specification.

       • Day and time the token expires.

       The output of the Kerberos version of this command, tokens.krb, also reports the following
       about the Kerberos ticket-granting ticket: the ticket owner, which Kerberos ticket-
       granting service that issued the ticket (for example, "krbtgt.ABC.COM"), and ticket's
       expiration date.

       The string "--End of list--" appears at the end of the output. If the user is not
       authenticated in any cell, this line is all that appears.

EXAMPLES

       The following example shows the output when the issuer is not authenticated in any cell.

          % tokens
          Tokens held by the Cache Manager:


             --End of list--
       The following example shows the output when the issuer is authenticated in ABC Corporation
       cell, where he or she has AFS UID 1000.

          % tokens
          Tokens held by the Cache Manager:

          User's (AFS ID 1000) tokens for afs@abc.com [Expires Jan 2 10:00]

             --End of list--
       The following example shows the output when the issuer is authenticated in the ABC
       Corporation cell, the State University cell, and the XYZ Company cell. The user has
       different AFS UIDs in the three cells. Tokens for last cell are expired:

          % tokens
          Tokens held by the Cache Manager:

          User's (AFS ID 1000) tokens for afs@abc.com [Expires Jan 3 10:00]
          User's (AFS ID 4286) tokens for afs@stateu.edu [Expires Jan 3 1:34]
          User's (AFS ID 22) tokens for afs@xyz.com [>>Expired<]

             --End of list--
       The following example shows the output when the issuer uses the tokens.krb version of the
       command after authenticating in the ABC Corporation cell using the klog.krb command.

          % tokens.krb
          Tokens held by the Cache Manager:

          User's (AFS ID 1000) tokens for afs@abc.com [Expires Jan 31 00:09]
          User smiths tokens for krbtgt.ABC.COM@abc.com [Expires Jan 31 00:09]

             --End of list--

PRIVILEGE REQUIRED

       None

SEE ALSO

       klog(1), unlog(1)

COPYRIGHT

       IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

       This documentation is covered by the IBM Public License Version 1.0.  It was converted
       from HTML to POD by software written by Chas Williams and Russ Allbery, based on work by
       Alf Wachsmann and Elizabeth Cassell.