[OpenAFS] Windows client options
Sun, 19 Dec 2010 10:53:56 -0500
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
Content-Type: text/plain; charset=UTF-8
On 12/19/2010 10:09 AM, Jaap Winius wrote:
> Hi folks,
> So far, I've been able to get Linux clients to work perfectly with my
> MIT Kerberos V / OpenLDAP / OpenAFS servers. No need to create any loca=
> accounts: anyone with a network account can login to any workstation an=
> none of their personal files are stored locally.
> I hope I'm wrong, but the same doesn't seem to be possible with Windows=
> clients. I've been experimenting with a WinXP (SP3) Pro test machine
> running Kerberos for Windows 3.2.2 and OpenAFS for Windows 1.5.7800. It=
> seems to work fine, as I can authenticate and access all of my files on=
> the network. However, I still have to start by logging in to a local
> Windows account.
> Is it possible to configure a Windows XP client for single-sign-on, so
> that locally no pre-existing account or knowledge of any users is
> required? If so, can it also be set up so that the user's home
> directories are stored in OpenAFS?
OpenLDAP is not a replacement for Active Directory. You either need to
manage local Windows accounts that are mapped to Kerberos identities for
logon or you need to use Active Directory (or an Active Directory
equivalent) to manage the accounts for you.
In either case, once you have accounts defined for users those accounts
can have roaming profiles stored in AFS.
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
-----END PGP SIGNATURE-----