[OpenAFS] Authenticating against krb5-only KDC (active directory)

Nathan Neulinger nneul@umr.edu
Thu, 07 Mar 2002 06:47:18 -0600


> Hmm but how do I get access to the krb5-token stashed by windows at login?

> Is this possible without having to run the old win32 kerberos5 kit, so users
> have to type in their password twice, once for logging on to windows, and once
> for doing kinit+aklog?

You run ms2mit. That copies the des-cbc-crc ticket from lsa stash to
ccache. Sometime someone should make a LSA-direct version of aklog, or
integrate ms2mit into aklog, but I doubt that will happen any time soon. 

If you put ms2mit, and aklog in your startup items, that should take
care of everything for you on windows. (Might need to rename to make
sure ms2mit runs first or use a script of some sort).

> 
> Best,
> Jacob
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info

-- 


------------------------------------------------------------
Nathan Neulinger                       EMail:  nneul@umr.edu
University of Missouri - Rolla         Phone: (573) 341-4841
Computing Services                       Fax: (573) 341-4216