[OpenAFS-devel] Information on Windows 2k Integrated Logon
James Peterson
jimpeter@us.ibm.com
Fri, 7 Sep 2001 15:25:08 -0700
First - what is your interest in this area? Curiosity? Burning desire to
improve AFS? Adding new features?
That is; how can I support you in a better way?
Integrated logon is done in machine context as compared to compared to user
context. This presents problems with the SMB client knowing who the user
is.
Basically the service is notified when a logon event happens via call back:
NPLogonNotify
Located in \winnt\afsd\afslogon.c: NPLogonNotify().
Within this procedure a call is made to ka_UserAuthenticateGeneral() to
obtain a token. The token is gotten via an RPC call.
Note: Win9x integrated logon is much less phsopsicated (place a short cut
in the startup area).
Neither OS methods work for dialup networks.
Neither OS supports drive mapping based on user name unless a user profile
is defined for each user.
Win9x currently doesn't support mutiple users logon (can't access the login
password).
I look forward to further dialog.
James Peterson
"Integrity is the base of excellence."