[OpenAFS-devel] PAM auth multiple domains.
Charles Clancy
security@xauth.net
Wed, 6 Nov 2002 09:05:01 -0600 (CST)
On Tue, 5 Nov 2002, Sean O'Malley wrote:
> Ah! It sounds like the patch isn't installed in the OpenAFS
> 1.2.7 RPMS i used install. (I didnt try very hard but AFS didnt like the
> new kernel.) And I didnt feel like screwing with recompiling AFS.
Try:
http://ismene.csl.uiuc.edu/~tclancy/openafs-1.2.7-pam-linux.tgz
It seems my original patch worked fine on Solaris, but seems to have some
issues on Linux -- probably why it's not in the current release. See if
those work for you. They work for me under RedHat 7.3.
> The problem is I was hoping to auth and set a token for two different
> domains based on the requested service. For example: Netatalk would auth
> and set a token for msu.edu and samba would set a token for test.msu.edu
As long as the usernames are the same, or you have both sets of usernames
available in /etc/passwd, or wherever, it should be fine.
The original intent of the option was to allow you to grab two tokens in
different cells when logging in.
[ t charles clancy ]--[ tclancy@uiuc.edu ]--[ www.uiuc.edu/~tclancy ]