[OpenAFS] SMB AFS Gateway

[seph]

> I've been looking into using Samba as an SMB to AFS Gateway.  

what sort of gateway? are you looking to just serve stuff anonymously?
since you're playing with passwords, I assume you need more access
controls. Can you use an IP acl to allow the samba server to access
certain directories, and serve them anonymously? 

a somewhat messier solution would be to give the samba server access
to the directoris you want to export (via IP acl) and maintain a
seperate passwd file so samba can do it's own authentication. 

> This setup works except our workstations are configured to only
> use encrypted passwords and for Samba to work as a gateway the passwords
> must be passed in clear-text so the PAM can take the password and get
> tokens.  

I think you just lose. you might be able to do something with ksamba,
but I have no idea how maintained or current it
is. (http://rsug.itd.umich.edu/software/ksamba.html)

I'd also be concerend that samba may not keep different ticket files
and PAGs for each user's session.

> I'm curious what anyone else has done or recommends.

just using the windows openafs client would be simpler.

seph