[OpenAFS] integrated logon for Solaris and AFS

J S vervoom@hotmail.com
Tue, 27 Apr 2004 10:35:10 +0000

>> >You should use PAM instead of modifying /bin/login!
>>FWIW, we use here a modified version of the Kerberos 5 login program on
>>our systems (including Solaris).  I got tired of fighting with the various
>>different PAM APIs across systems, and it didn't cover all of them.  I
>>can only say "it works for us", and I seem to spend less time changing
>>login.krb5 & the few other things that take a Kerberos password than I
>>would if I was messing around with PAM modules ... so I'm happy with that
>Thanks Ken. I'll look into that option.
>The main thing is that I don't screw up the other users. I only want to set 
>this up for one user

I'm having some difficulty with this single sign on- Would be grateful if 
anyone could help me out!
I've built kerberos5 but having problems setting that up. I can't replace 
/bin/login because I only want to set up this up for one user.
Does anyone know what version the kerberos is on the IBM's AFS transarc 
Will the kerberos 5 client be compatible with that?
Also I'm not sure if I've configured krb5.conf correctly either. When I run 
kinit I get this reply back:
# ./kinit
kinit(v5): Initial Ticket response appears to be Version 4 error while 
getting initial credentials
Lastly is there an easier way of doing this?!!!

Thanks alot.


Use MSN Messenger to send music and pics to your friends