[OpenAFS] Mapping btw. AFS tokens and Kerberos tickets (Heimdal)

[Volker Lendecke]

--r5Pyd7+fXNt84Ff3
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Nov 09, 2005 at 01:26:44PM +0300, Education Center wrote:

> AFS includes its own implementation of Kerberos, the KAServer. However, n=
ew
> installs of KAServer are not recommended as it is based on a draft versio=
n of
> the obsolete Kerberos 4 protocol. Even though AFS doesn't support Kerbero=
sV
> directly, it is highly recommended that you set up a KerberosV realm for =
your
> AFS cell and not install the KAServer. See KerberosV for the many advanta=
ges
> of using the latest Kerberos for your network authentication.=20

Please ignore my ignorance, but when reading the OpenAFS 1.4 release notes I
find the lines:

> OpenAFS 1.4.0 also represents a significant step forward for Kerberos 5
> integration.  This release allows Kerberos 5 KDCs including Microsoft
> Active Directory to be the source of AFS client authentication.

Do the various AFS server accept Kerberos V tickets natively or don't they =
do
it? If they don't, what exactly do you mean by the entry in the release not=
es?=20

I'm interested because I might have to somehow acquire or generate Krb5 tic=
kets
in the Samba fake kaserver.=20

Thanks,

Volker

--r5Pyd7+fXNt84Ff3
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFDcnYUUROFNttXCWYRApKIAKDPPIpJ3MJR/92moLILi0JsK6oY6QCdGtBa
bhvrAC8vW4Xb3fYs2l6YSx4=
=RzW0
-----END PGP SIGNATURE-----

--r5Pyd7+fXNt84Ff3--