[OpenAFS] Re: Slightly unrelated question
John Perkins
john@cs.wisc.edu
Thu, 27 Jan 2011 13:40:36 -0600
On 01/27/2011 01:34 PM, Dan Pritts wrote:
> On a related note, we'd like to pass through authentication from AD to
> our MIT kerberos realm. There are various documents on the net that
> talk about this, and I'm told that it's done in various places (e.g.,
> umich), but we have been so far unable to make it work.
> Does anyone know of instructions on how to make this work with win2008? We are doing a greenfield AD install. I suppose we might consider using samba instead if that makes the process easier.
Check out http://technet.microsoft.com/en-us/library/bb742433.aspx (in
particular, Setting Trust with a Kerberos Realm). In this case you can
create user X, then log them in as "X@<REALM>" and get the same
permissions you've set for user X in your AD directory.
--
=========================================================================
John Perkins | University of Wisconsin-Madison
Researcher | Department of Computer Science
john@cs.wisc.edu | 1210 W. Dayton St.
608-262-0438/608-262-6626 FAX | Madison, WI 53706-1685
=========================================================================