[OpenAFS] New "B" question: Samba versus AFS.

Charles Clancy security@xauth.net
Mon, 2 Dec 2002 11:56:48 -0600 (CST)


> > You do not need a  Samba translator for using / accessing AFS on Win95
> > oder Win98 oder ME! We successfully use "AFSforWindows9x.exe" for
> > those old systems.
> > (http://www.openafs.org/dl/openafs/1.2.2b/win9x/AFSforWindows9x.exe)
>
> Because this translator is not really multi-user. It would end up as an
> ugly hack. For example, there is no integration into the "Login-Sytem"
> of Win9x. It's basically a single-user AFS client. Or did I miss
> something?

Heh... the thought of Win9x being multiuser is amusing.  Certainly the AFS
client for Win9x is singleuser.

I admit it would be possible to convolute Win9x into being just multiuser
enough to make running the OpenAFS client out of the startup group
difficult to manage.  But, if you go to all that trouble to make Win9x be
multiuser, why not run Win2K or XP?

> > Why else do you have to use samba?
>
> For setting up a Windows Domain, logon scripts and printing just to name
> a few.

But from my experience, you can't use it as a PDC if you're using it for
AFS, because of the password issues.  It wouldn't be too hard to hack
Samba to use smbpasswd for machine accounts and PAM authentication for
everything else, but it didn't support that last time I checked.

Therefore, the only thing you'd get is printing, which could easily be
done any number of other ways.

If you are successfully running samba as a PDC and doing AFS
authentication, I'd really like to know how you did it.

[ t charles clancy ]--[ tclancy@uiuc.edu ]--[ www.uiuc.edu/~tclancy ]