[OpenAFS] Integrated Windows Logon

Hugo Monteiro hugo.monteiro@fct.unl.pt
Fri, 01 Apr 2011 15:27:58 +0100


This is a multi-part message in MIME format.
--------------010509090500010707020407
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8bit

Hello list,

 From the documentation, available at 
http://docs.openafs.org/ReleaseNotesWindows/ch03s06.html, one can read:

"(...) For example, if the Windows username is "jaltman" and the default 
cell is "athena.mit.edu", then Integrated Logon can be successfully used 
if the windows password matches the password assigned to the Kerberos 
principal "jaltman@ATHENA.MIT.EDU". The realm "ATHENA.MIT.EDU" is 
obtained by performing a domain name to realm mapping on the hostname of 
one of the cell's Volume Database servers."

My question is how can i change this domain to realm mapping? The 
problem is that the cell i'm trying to access does not have the name my 
kerberos realm and so the principal name will not be correct.

Please advise,

Hugo Monteiro.

-- 
fct.unl.pt:~# cat .signature

Hugo Monteiro
Email	 : hugo.monteiro@fct.unl.pt
Telefone : +351 212948300 Ext.15307
Web      : http://hmonteiro.net

Divisão de Informática
Faculdade de Ciências e Tecnologia da
		   Universidade Nova de Lisboa
Quinta da Torre   2829-516 Caparica   Portugal
Telefone: +351 212948596   Fax: +351 212948548
www.fct.unl.pt                apoio@fct.unl.pt

fct.unl.pt:~# _


--------------010509090500010707020407
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
  </head>
  <body text="#000000" bgcolor="#ffffff">
    Hello list,<br>
    <br>
    From the documentation, available at
    <a class="moz-txt-link-freetext" href="http://docs.openafs.org/ReleaseNotesWindows/ch03s06.html">http://docs.openafs.org/ReleaseNotesWindows/ch03s06.html</a>, one can
    read:<br>
    <br>
    "(...) <span class="Apple-style-span" style="border-collapse:
      separate; color: rgb(0, 0, 0); font-family: 'Times New Roman';
      font-style: normal; font-variant: normal; font-weight: normal;
      letter-spacing: normal; line-height: normal; orphans: 2;
      text-indent: 0px; text-transform: none; white-space: normal;
      widows: 2; word-spacing: 0px; font-size: medium;">For example, if
      the Windows username is "jaltman" and the default cell is
      "athena.mit.edu", then Integrated Logon can be successfully used
      if the windows password matches the password assigned to the
      Kerberos principal <a class="moz-txt-link-rfc2396E" href="mailto:jaltman@ATHENA.MIT.EDU">"jaltman@ATHENA.MIT.EDU"</a>. The realm
      "ATHENA.MIT.EDU" is obtained by performing a domain name to realm
      mapping on the hostname of one of the cell's Volume Database
      servers.</span>"<br>
    <br>
    My question is how can i change this domain to realm mapping? The
    problem is that the cell i'm trying to access does not have the name
    my kerberos realm and so the principal name will not be correct.<br>
    <br>
    Please advise,<br>
    <br>
    Hugo Monteiro.<br>
    <br>
    <pre class="moz-signature" cols="72">-- 
fct.unl.pt:~# cat .signature

Hugo Monteiro
Email	 : <a class="moz-txt-link-abbreviated" href="mailto:hugo.monteiro@fct.unl.pt">hugo.monteiro@fct.unl.pt</a>
Telefone : +351 212948300 Ext.15307
Web      : <a class="moz-txt-link-freetext" href="http://hmonteiro.net">http://hmonteiro.net</a>

Divis&atilde;o de Inform&aacute;tica
Faculdade de Ci&ecirc;ncias e Tecnologia da
		   Universidade Nova de Lisboa
Quinta da Torre   2829-516 Caparica   Portugal
Telefone: +351 212948596   Fax: +351 212948548
<a class="moz-txt-link-abbreviated" href="http://www.fct.unl.pt">www.fct.unl.pt</a>                <a class="moz-txt-link-abbreviated" href="mailto:apoio@fct.unl.pt">apoio@fct.unl.pt</a>

fct.unl.pt:~# _
</pre>
  </body>
</html>

--------------010509090500010707020407--