[OpenAFS] New "B" question: Samba versus AFS.

Tino Schwarze tino.schwarze@informatik.tu-chemnitz.de
Tue, 3 Dec 2002 10:02:21 +0100 

On Mon, Dec 02, 2002 at 11:56:48AM -0600, Charles Clancy wrote:
> > > You do not need a  Samba translator for using / accessing AFS on Win95
> > > oder Win98 oder ME! We successfully use "AFSforWindows9x.exe" for
> > > those old systems.
> > > (http://www.openafs.org/dl/openafs/1.2.2b/win9x/AFSforWindows9x.exe)
> >
> > Because this translator is not really multi-user. It would end up as an
> > ugly hack. For example, there is no integration into the "Login-Sytem"
> > of Win9x. It's basically a single-user AFS client. Or did I miss
> > something?
> 
> Heh... the thought of Win9x being multiuser is amusing.  
> Certainly the AFS client for Win9x is singleuser.
> 
> I admit it would be possible to convolute Win9x into being just multiuser
> enough to make running the OpenAFS client out of the startup group
> difficult to manage.  But, if you go to all that trouble to make Win9x be
> multiuser, why not run Win2K or XP?

You've got some 10 spare licenses and about two weeks of time? This is a
_school_ -> no money available, use what you have, everything done
voluntarily in spare time.

> > > Why else do you have to use samba?
> >
> > For setting up a Windows Domain, logon scripts and printing just to name
> > a few.
> 
> But from my experience, you can't use it as a PDC if you're using it for
> AFS, because of the password issues.  It wouldn't be too hard to hack
> Samba to use smbpasswd for machine accounts and PAM authentication for
> everything else, but it didn't support that last time I checked.
> 
> Therefore, the only thing you'd get is printing, which could easily be
> done any number of other ways.
> 
> If you are successfully running samba as a PDC and doing AFS
> authentication, I'd really like to know how you did it.

I'm not really sure about the terminology (PDC etc.). I guess, machine
accounts are not neccessary when using Win9x, only for >=NT. I can only
say that we entered a "domain" name somewhere on the Windows boxes
(there's a dialog box where you can specify workgroup xor domain and we
made the boxes join the domain) and Logon is verified via Samba (via
PAM).

Bye, Tino.

-- 
             * LINUX - Where do you want to be tomorrow? *
                  http://www.tu-chemnitz.de/linux/tag/