[OpenAFS] is this what windows folks call "integrated login"?
Sat, 21 Aug 2010 23:03:47 +0000
I have a MacOS laptop. My username and local password on the laptop
happen to match my kerberos username and password. My kerberos tickets
expire after 10 hours, but are renewable for 10 *days*.
It occurred to me that it would be nifty if my laptop acquired kerberos
tickets for me when I logged in (during the brief window when my
un-hashed password is present in laptop RAM), and made an attempt to
renew them once an hour (if connected to the network). This would save
me having to do a separate kinit after logging in, and having to
re-kinit every 10 hours. I've got a screensaver lock and encrypt my
swapfile, so I'm not too worried about physical theft issues resulting
in ticket theft.
Is there a piece of software that does this? It's been a long, long
time since I used Windows, but it sounds like this feature is what the
Windows client calls "integrated login". Or maybe not. Either way, is
there a way to get MacOS to do this?