[OpenAFS] Windows client questions

Charles Clancy security@xauth.net
Thu, 23 Jan 2003 18:40:46 -0600 (CST)

On Thu, 23 Jan 2003, Ryan Underwood wrote:

> (What is the best way to automate this for user logons?)

For 2K and XP you can setup your machine for direct kerberos logins
(there's a whitepaper on MS's site about it).  Then put 'wake' in the
startup group to convert your MS krb5 TGT into an MIT one and do an aklog
automatically.  For NT4, there's no nice shortcuts.

> However, here is what happens on Win98 (1.2.2b OpenAFS release):
> - Open Control Center
> - Erase username and password, and click "Connect" with both fields empty
> - Client afsd starts, AFS root is opened up in Explorer
> - kinit, gets ticket no problem for some username
> - aklog -- crashes with page fault.
> Any ideas?  The aklog is the one with timestamp 5/99 that is under the nt-98
> directory in the krb5 migration kit.

Is the aklog.exe in the same directory as kinit.exe and friends?  It needs
to be able to find krb5.ini.  I remember the UNIX aklog used to segfault
if it couldn't find krb5.conf.

[ t charles clancy ]--[ tclancy@uiuc.edu ]--[ www.uiuc.edu/~tclancy ]