[OpenAFS-devel] Modifing afscreds.exe on W2K to useLSACallAuthenticationPackage
Neulinger, Nathan
nneul@umr.edu
Mon, 16 Jun 2003 16:07:40 -0500
Unfortunately, most users who are using k5 on windows are probably using
it with AD, and with AD you're screwed if you use groups, cause your
tickets get enormous. That's why my modified krb524d has to decrypt and
strip off the extra ticket data, then re-encrypt, in order to use
rxkad2b.=20
For non-AD sites, it might work.=20
-- Nathan
------------------------------------------------------------
Nathan Neulinger EMail: nneul@umr.edu
University of Missouri - Rolla Phone: (573) 341-4841
Computing Services Fax: (573) 341-4216
> -----Original Message-----
> From: Douglas E. Engert [mailto:deengert@anl.gov]=20
> Sent: Monday, June 16, 2003 3:11 PM
> To: openafs-devel@openafs.org
> Subject: [OpenAFS-devel] Modifing afscreds.exe on W2K to=20
> useLSACallAuthenticationPackage
>=20
>=20
>=20
> Has anyone looked at modifing the afscreds.exe to use the=20
> Microsoft LSACallAuthenticationPackage to get a K5 ticket
> for afs@realm? It looks like this would be an easy way to
> get a token, now that OpenAFS can take a K5 ticket as a token.
>=20
> This should easily work when the cellname =3D=3D realmname.
>=20
> =20
>=20
>=20
>=20
> --=20
>=20
> Douglas E. Engert <DEEngert@anl.gov>
> Argonne National Laboratory
> 9700 South Cass Avenue
> Argonne, Illinois 60439=20
> (630) 252-5444
> _______________________________________________
> OpenAFS-devel mailing list
> OpenAFS-devel@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-devel
>=20