[OpenAFS] integrated logon for Solaris and AFS
J S
vervoom@hotmail.com
Tue, 27 Apr 2004 10:35:10 +0000
>
>>
>> >You should use PAM instead of modifying /bin/login!
>>
>>FWIW, we use here a modified version of the Kerberos 5 login program on
>>our systems (including Solaris). I got tired of fighting with the various
>>different PAM APIs across systems, and it didn't cover all of them. I
>>can only say "it works for us", and I seem to spend less time changing
>>login.krb5 & the few other things that take a Kerberos password than I
>>would if I was messing around with PAM modules ... so I'm happy with that
>>decision.
>>
>>--Ken
>
>
>Thanks Ken. I'll look into that option.
>
>The main thing is that I don't screw up the other users. I only want to set
>this up for one user
>
I'm having some difficulty with this single sign on- Would be grateful if
anyone could help me out!
I've built kerberos5 but having problems setting that up. I can't replace
/bin/login because I only want to set up this up for one user.
Does anyone know what version the kerberos is on the IBM's AFS transarc
build?
Will the kerberos 5 client be compatible with that?
Also I'm not sure if I've configured krb5.conf correctly either. When I run
kinit I get this reply back:
# ./kinit
kinit(v5): Initial Ticket response appears to be Version 4 error while
getting initial credentials
Lastly is there an easier way of doing this?!!!
Thanks alot.
JS.
_________________________________________________________________
Use MSN Messenger to send music and pics to your friends
http://www.msn.co.uk/messenger