[OpenAFS] Off-topic, anyone tried this?

Michael Lasevich openafslist@lasevich.net
Tue, 21 May 2002 13:47:19 -0700

I am using RedHat 7.2 for AFS server and UNIX client (Win2k for the windows
client) with "Active Directory" on win2k domain server as my K5 server
(using a patched  version of MIT's krb524d running on my AFS server to
convert the tickets)

I can do kinit/aklog from command line without a problem.
I can get a K5 ticket at login (PAM) time, however I cannot get aklog to run
from PAM (thus cannot place the home dirs into AFS space as I want). I tried
several pam plugins, but for some reason none have worked.

I suspect the problem is that the modded krb524d deamon (running on a UNIX
machine) uses afs/cell@REALM ticket instead of krbtgt/cell@REALM to do the
conversion (I know this cause some issues with the windows client) Though I
am not an expert on the subject, I am suspecting this is what the standard
krb524lib using pam modules try (but then again, why does the aklog
executable work??)


> "Michael Lasevich" <openafslist@lasevich.net> writes:
> > (ironically I got the Windows part to work, but cannot get PAM to
> > kinit/aklog properly on Linux - works fine from the command line)
> What Linux distro are you using?
> Are you using MIT-K5, Heimdal, or KAServer?
> -derek
> --
>        Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
>        Member, MIT Student Information Processing Board  (SIPB)
>        URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
>        warlord@MIT.EDU                        PGP key available