[OpenAFS] OpenAFS and Samba 3.0

[Holger Brückner]

could you explain this a little bit further ?!?

looks like an interesting approach. 

greetings

Holger Brueckner

On Wed, 2003-07-16 at 15:03, Leif Johansson wrote:
> Nathan Neulinger wrote:
> 
> >No, it will not. There is no way to delegate credentials to the samba
> >server, which is what would be required.
> >  
> >
> Strictly speeking that is true but you can cheat. If you allow your 
> samba server
> to have access to the AFS key (hey it's a fileserver anyway and should 
> be protected
> as such) you can use a program (it's actually in the heimdal distro) 
> which lets you
> create the users afs ticket in a root preexec statement. Its basically 
> saying "I trust
> whatever way was used to authenticate the user up to this point and now 
> I am
> starting over and creating the tokens I need." There is no strong 
> cryptographic
> association between the user client side credentials (from the domain) 
> and the
> credentials used in talking to AFS but it works and gets the job done.
> 
>        MVH leifj
> 
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info