[OpenAFS-devel] Windows login by myself... hints?
Sensei
senseiwa@tin.it
Mon, 09 Aug 2004 21:04:23 +0200
On Mon, 2004-08-09 at 18:27, Jeffrey Altman wrote:
> You can use remote profiles stored in AFS. Your problem is that
> you need to support all of the special integration which an Active
> Directory provides. Since you cannot do that with Unix servers as
> no one has finished implementing a Unix based replacement, you must
> use cross-realm Kerberos and mix Active Directory and the Unix
> infrastructure. Several very large sites do this.
Yes, you're right. The problem is that it's pretty expensive mantaining
an AD server along with unix servers: would be much better to have just
unix servers and linux/windows clients (we have also aix clients). My
idea is then to rewrite the windows login. First authenticating over MIT
K5, then gaining the afs token, setting up a user profile over the
user's afs volume and then login.
I hope to make it work.
> You do not want to look at klog since that is kauth (kerberos iv) based.
> You want to look at aklog or the afskfw library both of which are part
> of the Windows distribution.
Yes, I'm sorry, I intended the aklog file. Another question: the afs
service starts after a user logs in if I'm right. Is there the
possibility of having this server run as the windows client starts?
Something like we set up usually on linux clients.
--
Sensei <mailto:senseiwa@tin.it>
<icqnum:241572242>
<msn-id:Sensei_Sen@hotmail.com>
Error: Keyboard not found. Press F1 to continue...