[OpenAFS] Windows client options
Jaap Winius
jwinius@umrk.nl
Mon, 20 Dec 2010 13:43:21 +0100
Quoting omalleys@msu.edu:
> You might be able to use pgina which is a windows login screen replacement.
>
> There was someone working on a kerberos plugin for it. I am not sure
> how far they got. (I haven't tried the 2.x series) I do know I had
> openldap (with failover) working with it via a sasl-pam mech. I
> didn't get the kerberos plugin working but that was in the 1.6.x or
> 1.8.x series. ) ...
> Here is what I found for the pgina krb5 plugin:
> http://pages.cs.wisc.edu/~timc/pgina/
Although it would not be as ideal as Samba4 with a working AD domain
controller, pGina sounds like a great alternative. However, since I'm
using Windows XP only, that means I would still be restricted to the
last version of pGina 1.x: v1.8.8 from December the 6th, 2006. See
these pGina pages:
http://www.pgina.org/index.php/Main_Page
http://www.pgina.org/index.php/PGina_1.x_Downloads
In addition, judging from the contents of the link you supplied, timc
meant his plugin to work with pGina 2.x, and he hasn't updated his
plugin since October the 6th, 2008.
Therefore, I'm going to conclude that pGina v1.8.8 does not support
Kerberos out of the box, or else timc would not have bothered, and
that his plugin will not work with it either, just as you discovered
for yourself earlier. Pity.
Thanks anyway, though. If, in lieu of Samba4, a Vista machine, or a
more modern Windows client, appears on any of my
Kerberos/OpenLDAP/OpenAFS networks, then I will certainly remember to
give your solution a try!
Cheers,
Jaap