[OpenAFS] OpenAFS + Active Directory documentation
Josh Fiske
jfiske@clarkson.edu
Thu, 23 Apr 2009 19:27:48 -0400
This is a multi-part message in MIME format.
------_=_NextPart_001_01C9C46B.1D51CE0C
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Hi all,
=20
I've been doing alot of research recently... We have an old (circa =
2003) AFS cell and are looking at replacing those aging servers. For =
our new implementation, I hope to (read as: "have received an edict =
that we must...") be able to use Active Directory as the authentication =
source. Initially, I began the new server installation following the =
Quick Start guide[1], but it still uses kaserver (krb4)...so that was =
right out. =20
=20
I found a PDF from a 2006 presentation by Derrick Brashear[2], but =
without actually hearing the presentation I'm not convinced that I'll be =
able to step through the requisite steps successfully. I also found =
some notes here[3], but lacking step-by-step documentation, I'm afraid =
that I'm mostly lost.
=20
Can anyone point me towards some detailed documentation on the subject? =
If no documentation exists, might someone be able to help step me =
through the process? If the latter, I would be happy to create detailed =
(step-by-step) documentation of the setup to share with the community =
(perhaps as an update to the Quick Start guide[1]).
=20
Thanks much,
=20
Josh
=20
[1] =
http://www.openafs.org/pages/doc/QuickStartUnix/auqbg005.htm#HDRWQ41
[2] http://workshop.openafs.org/afsbpw06/talks/shadow-AD.pdf
[3] =
http://knowhow.asu.ntu-kpi.kiev.ua/index.php/%D0%9D%D0%B0%D1%81%D1%82%D1%=
80%D0%BE%D0%B9%D0%BA%D0%B0_AFS_and_Active_Directory_interoperability
- - - -
Joshua Fiske '03, '04
Network and Security Engineer
Clarkson University, Office of Information Technology
(315) 268-6722 -- Fax: (315) 268-6570
I route, therefore you are.
Think before you print.
CONFIDENTIALITY: This e-mail (including any attachments) may contain =
confidential, proprietary and privileged information, and unauthorized =
disclosure or use is prohibited. If you received this e-mail in error, =
please notify the sender and delete this e-mail from your system.
------_=_NextPart_001_01C9C46B.1D51CE0C
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<HTML dir=3Dltr><HEAD>=0A=
<META http-equiv=3DContent-Type content=3D"text/html; charset=3Dunicode">=0A=
<META content=3D"MSHTML 6.00.6000.16809" name=3DGENERATOR></HEAD>=0A=
<BODY>=0A=
<DIV id=3DidOWAReplyText47437 dir=3Dltr>=0A=
<DIV dir=3Dltr><FONT face=3DArial color=3D#000000 size=3D2>Hi =
all,</FONT></DIV>=0A=
<DIV dir=3Dltr><FONT face=3DArial size=3D2></FONT> </DIV>=0A=
<DIV dir=3Dltr><FONT face=3DArial size=3D2>I've been doing alot of =
research recently... We have an old (circa 2003) AFS cell and are =
looking at replacing those aging servers. For our new =
implementation, I hope to (read as: "have received an edict that =
we must...") be able to use Active Directory as the =
authentication source. Initially, I began the new server =
installation following the Quick Start guide[1], but it still uses =
kaserver (krb4)...so that was right out. </FONT></DIV>=0A=
<DIV dir=3Dltr><FONT face=3DArial size=3D2></FONT> </DIV>=0A=
<DIV dir=3Dltr><FONT face=3DArial size=3D2>I found a PDF from a 2006 =
presentation by Derrick Brashear[2], but without actually hearing the =
presentation I'm not convinced that I'll be able to step through the =
requisite steps successfully. I also found some notes here[3], but =
lacking step-by-step documentation, I'm afraid that I'm mostly =
lost.</FONT></DIV>=0A=
<DIV dir=3Dltr><FONT face=3DArial size=3D2></FONT> </DIV>=0A=
<DIV dir=3Dltr><FONT face=3DArial size=3D2>Can anyone point me towards =
some detailed documentation on the subject? If no documentation =
exists, might someone be able to help step me through the process? =
If the latter, I would be happy to create detailed (step-by-step) =
documentation of the setup to share with the community (perhaps as an =
update to the Quick Start guide[1]).</FONT></DIV>=0A=
<DIV dir=3Dltr><FONT face=3DArial size=3D2></FONT> </DIV>=0A=
<DIV dir=3Dltr><FONT face=3DArial size=3D2>Thanks much,</FONT></DIV>=0A=
<DIV dir=3Dltr><FONT face=3DArial size=3D2></FONT> </DIV>=0A=
<DIV dir=3Dltr><FONT face=3DArial size=3D2>Josh</FONT></DIV>=0A=
<DIV dir=3Dltr><FONT face=3DArial color=3D#000000 =
size=3D2></FONT> </DIV>=0A=
<DIV dir=3Dltr><FONT face=3DArial size=3D2>[1] <A =
href=3D"http://www.openafs.org/pages/doc/QuickStartUnix/auqbg005.htm#HDRW=
Q41">http://www.openafs.org/pages/doc/QuickStartUnix/auqbg005.htm#HDRWQ41=
</A></FONT></DIV>=0A=
<DIV dir=3Dltr><FONT face=3DArial size=3D2>[2] <A =
href=3D"http://workshop.openafs.org/afsbpw06/talks/shadow-AD.pdf">http://=
workshop.openafs.org/afsbpw06/talks/shadow-AD.pdf</A></FONT></DIV>=0A=
<DIV dir=3Dltr><FONT face=3DArial size=3D2>[3] <A =
href=3D"http://knowhow.asu.ntu-kpi.kiev.ua/index.php/%D0%9D%D0%B0%D1%81%D=
1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0_AFS_and_Active_Directory_interoperabil=
ity">http://knowhow.asu.ntu-kpi.kiev.ua/index.php/%D0%9D%D0%B0%D1%81%D1%8=
2%D1%80%D0%BE%D0%B9%D0%BA%D0%B0_AFS_and_Active_Directory_interoperability=
</A></FONT></DIV></DIV>=0A=
<DIV id=3DidSignature45404 dir=3Dltr><PRE>- - - -=0A=
Joshua Fiske '03, '04=0A=
Network and Security Engineer=0A=
Clarkson University, Office of Information Technology=0A=
(315) 268-6722 -- Fax: (315) 268-6570=0A=
I route, therefore you are.=0A=
=0A=
Think before you print.=0A=
=0A=
CONFIDENTIALITY: This e-mail (including any attachments) may contain =
confidential, proprietary and privileged information, and unauthorized =
disclosure or use is prohibited. If you received this e-mail in error, =
please notify the sender and delete this e-mail from your =
system.</PRE></DIV></BODY></HTML>
------_=_NextPart_001_01C9C46B.1D51CE0C--