[OpenAFS-devel] Document for authenticating against MIT K5/krb524d ?

[Derrick J Brashear]

On Wed, 9 Jan 2002, Adam Thornton wrote:

> > I'm with him; However the only document I can provide specifies how to
> > convert from a kaserver to Heimdal.
> 
> There's no particular reason, other than I already have MIT K5 in place.
> 
> Let me be a little clearer about what I want to do:
> 
> This is a brand new cell and realm: there is no existing data to be
> migrated.  So do I just need an afs@REALM principal on the KDC, and
> ka-forwarder in place on the OpenAFS machines?  There are no preexisting
> keys or kvnos that I have; do I still need to create them with kaserver
> and then migrate them, or can I just create them on the KDC?  Do I just
> skip creating the kaserver with bos and instead create a ka-forwarder?

skip the kaserver and truthfully if you don't need klog you can also skip
ka-forwarder and just use a krb5 aklog (heimdal includes afslog)

-D