[OpenAFS] Windows clients: suggestions?

Sensei senseiwa@tin.it
Thu, 29 Jul 2004 14:43:30 +0200

On Thu, 2004-07-29 at 14:04, Jeffrey Altman wrote:  
> There is no LDAP involved in Windows account management unless you are
> using Active Directory.   Windows won't even try to look for it.  If
> you are using local Windows accounts on individual machines then you
> must use the local Windows tools to manage those accounts.

I know. The point is that I would be happy to manage remote accounts,
not local ones, since kerberos+afs work only when a local windows
account has the same identifier of the krb principal (as well as the pts
user). Having 700 accounts and 50 windows machines, is pretty insane to
make 35000 accounts! :) I'm looking for a solution a la active
directory, without supplying an AD server, so that I can manage
everything from one single server (debian stable).

Is seems that samba should work fine for this goal, but it adds a layer
over afs, kerberos 5, ldap, sasl, gssapi... anyway, if it's the only way
of having things work like AD... Very bad that AD is krb, ldap, dns (and
smb) but can't be ``faked'' with single krb, ldap and dns.

> My point is, "what do you expect me or anyone else to do about a bug
> if you do not tell us about it?"  

Nothing, and I don't mean anyone to do anything, since the version 66
hasn't this bug. I would have reported a bug in case it was still there.
Sensei    <mailto:senseiwa@tin.it>
Error: Keyboard not found. Press F1 to continue...