[OpenAFS] Future of AFS? Interesting Ideas!?

Ken Hornstein kenh@cmf.nrl.navy.mil
Tue, 07 Jan 2003 13:51:45 -0500

>> I wish Outlook _did_ do Kerberos; that's rather unfortunate, since
>> MS even ships with Kerberos in the OS and they have no excuse.
>> However, other than Outlook, things aren't bad.  Eudora and Mulberry
>> both support Kerberos for POP/IMAP/SMTP, and so does the "Mail"
>> app that ships with OS X.  These are real applications that are
>> production quality, and our users seem to be happy with them.
>The following Article (MS Technet) may be of interest to you:

Unfortunately, this document doesn't help.  What needs to happen is that
MS needs to add support for Kerberos 5/GSSAPI to Outlook; until that
happens, it doesn't solve the problem.

>I am not sure whether it is possible to logon to a unix box with only a 
>kerbereos ticket. Where would the uid/guid information come from??

Your LDAP server, probably.

>Of course you could use NIS for uid/guid things to work, but I really hate the 
>concepts of NIS - It`s flat!

Well, it's designed to emulate a Unix password file ... which is flat.
The "flatness" doesn't really bother me.  The lack of security in NIS