[OpenAFS] MacOSX with reliable AFS homedirs?
Franco "Sensei"
Sensei <senseiwa@tin.it>
Fri, 04 Feb 2005 10:41:37 -0600
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig7A7A88750EF01FB17CC9C8A3
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Troy Benjegerdes wrote:
> Has anyone gotten Krb5, ldap, and AFS homedirs working reliably?
>
> We've had to resort to setting up each individual users with a startup
> items script to run aklog.
>
> I've tried the 'kfm_aklog' plugin, but it doesn't seem to work, and none
> of the apple login hook stuff seems to work.
>
> What is the equivalent of a linux PAM line like:
>
> session libpam-openafs-session.so debug
I have set up macosx for your combination. Install k5 and aklog for osx
along with openafs for osx (configuring it), make the directory service
aware of your ldap setting (ldap must use the posixAccount schema,
remember!), modify edu.mit.Kerberos, and finally modify the
authorization in /private/etc/authorization --- works perfectly. Google
for osx kerberos --- you'll find many pages on the topic.
Hope it helped.
--
Sensei <mailto:senseiwa@tin.it> <pgp:8998A2DB>
<icqnum:241572242>
<yahoo!:sensei_sen>
<msn-id:sensei_sen@hotmail.com>
--------------enig7A7A88750EF01FB17CC9C8A3
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCA6XE4LBKhYmYotsRAgwmAJ0ZVCZPniC5R1tGNvKpxl3FyUFv1wCcC7IS
NSIu8zECjVZ0R6S8fHVq4tQ=
=M8vW
-----END PGP SIGNATURE-----
--------------enig7A7A88750EF01FB17CC9C8A3--