[OpenAFS] Re: what is aklog's algorithm for "deducing" what cell to authenticate to?

Adam Megacz megacz@cs.berkeley.edu
Wed, 28 Dec 2005 10:35:16 -0800

Modifying all those krb5.conf's is not an option (clueless users can't
be expected to do this), so I have no other choice.  Fortunately many
libkrb5's _do_ know about RFC2052.

BTW, I think understanding and valuing this sort of scenario -- where
the AFS admin does not control the client machines and users are
unsophisticated -- is an important hurdle that the OpenAFS community
still needs to get over.  Afsdb/dynroot were a big step in this
direction, though!

  - a

Ken Hornstein <kenh@cmf.nrl.navy.mil> writes:
>>  perform kerberos server discovery (RFC2052) on server.bar.com
>>       -> usually something.bar.com (depends on DNS entries)
> Be careful ... aklog doesn't know anything about RFC2052; it just calls
> a Kerberos library function.  What that does depends on your Kerberos
> implementation.
> --Ken

PGP/GPG: 5C9F F366 C9CF 2145 E770  B1B8 EFB1 462D A146 C380