[OpenAFS] Integrated Windows Logon
Jeffrey Altman
jaltman@secure-endpoints.com
Fri, 1 Apr 2011 13:04:06 -0500
--Apple-Mail-7--896179474
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=utf-8
See appendix A.2.1 for details on specifying per logon domain configuration i=
ncluding the authentication realm.
Sent from my iPad
On Apr 1, 2011, at 9:27 AM, Hugo Monteiro <hugo.monteiro@fct.unl.pt> wrote:
> Hello list,
>=20
> =46rom the documentation, available at http://docs.openafs.org/ReleaseNote=
sWindows/ch03s06.html, one can read:
>=20
> "(...) For example, if the Windows username is "jaltman" and the default c=
ell is "athena.mit.edu", then Integrated Logon can be successfully used if t=
he windows password matches the password assigned to the Kerberos principal "=
jaltman@ATHENA.MIT.EDU". The realm "ATHENA.MIT.EDU" is obtained by performin=
g a domain name to realm mapping on the hostname of one of the cell's Volume=
Database servers."
>=20
> My question is how can i change this domain to realm mapping? The problem i=
s that the cell i'm trying to access does not have the name my kerberos real=
m and so the principal name will not be correct.
>=20
> Please advise,
>=20
> Hugo Monteiro.
>=20
> --=20
> fct.unl.pt:~# cat .signature
>=20
> Hugo Monteiro
> Email : hugo.monteiro@fct.unl.pt
> Telefone : +351 212948300 Ext.15307
> Web : http://hmonteiro.net
>=20
> Divis=C3=A3o de Inform=C3=A1tica
> Faculdade de Ci=C3=AAncias e Tecnologia da
> Universidade Nova de Lisboa
> Quinta da Torre 2829-516 Caparica Portugal
> Telefone: +351 212948596 Fax: +351 212948548
> www.fct.unl.pt apoio@fct.unl.pt
>=20
> fct.unl.pt:~# _
--Apple-Mail-7--896179474
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
charset=utf-8
<html><body bgcolor=3D"#FFFFFF"><div>See appendix A.2.1 for details on speci=
fying per logon domain configuration including the authentication realm.<br>=
<br>Sent from my iPad</div><div><br>On Apr 1, 2011, at 9:27 AM, Hugo Monteir=
o <<a href=3D"mailto:hugo.monteiro@fct.unl.pt">hugo.monteiro@fct.unl.pt</=
a>> wrote:<br><br></div><div></div><blockquote type=3D"cite"><div>
Hello list,<br>
<br>
=46rom the documentation, available at
<a class=3D"moz-txt-link-freetext" href=3D"http://docs.openafs.org/Relea=
seNotesWindows/ch03s06.html"><a href=3D"http://docs.openafs.org/ReleaseNotes=
Windows/ch03s06.html">http://docs.openafs.org/ReleaseNotesWindows/ch03s06.ht=
ml</a></a>, one can
read:<br>
<br>
"(...) <span class=3D"Apple-style-span" style=3D"border-collapse:
separate; color: rgb(0, 0, 0); font-family: 'Times New Roman';
font-style: normal; font-variant: normal; font-weight: normal;
letter-spacing: normal; line-height: normal; orphans: 2;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px; font-size: medium;">For example, if
the Windows username is "jaltman" and the default cell is
"<a href=3D"http://athena.mit.edu">athena.mit.edu</a>", then Integrate=
d Logon can be successfully used
if the windows password matches the password assigned to the
Kerberos principal <a class=3D"moz-txt-link-rfc2396E" href=3D"mailto:j=
altman@ATHENA.MIT.EDU">"<a href=3D"mailto:jaltman@ATHENA.MIT.EDU">jaltman@AT=
HENA.MIT.EDU</a>"</a>. The realm
"<a href=3D"http://ATHENA.MIT.EDU">ATHENA.MIT.EDU</a>" is obtained by p=
erforming a domain name to realm
mapping on the hostname of one of the cell's Volume Database
servers.</span>"<br>
<br>
My question is how can i change this domain to realm mapping? The
problem is that the cell i'm trying to access does not have the name
my kerberos realm and so the principal name will not be correct.<br>
<br>
Please advise,<br>
<br>
Hugo Monteiro.<br>
<br>
<pre class=3D"moz-signature" cols=3D"72">--=20
fct.unl.pt:~# cat .signature
Hugo Monteiro
Email : <a class=3D"moz-txt-link-abbreviated" href=3D"mailto:hugo.montei=
ro@fct.unl.pt"><a href=3D"mailto:hugo.monteiro@fct.unl.pt">hugo.monteiro@fct=
.unl.pt</a></a>
Telefone : +351 212948300 Ext.15307
Web : <a class=3D"moz-txt-link-freetext" href=3D"http://hmonteiro.net">=
<a href=3D"http://hmonteiro.net">http://hmonteiro.net</a></a>
Divis=C3=A3o de Inform=C3=A1tica
Faculdade de Ci=C3=AAncias e Tecnologia da
Universidade Nova de Lisboa
Quinta da Torre 2829-516 Caparica Portugal
Telefone: +351 212948596 Fax: +351 212948548
<a class=3D"moz-txt-link-abbreviated" href=3D"http://www.fct.unl.pt"><a href=
=3D"http://www.fct.unl.pt">www.fct.unl.pt</a></a> <a class=3D=
"moz-txt-link-abbreviated" href=3D"mailto:apoio@fct.unl.pt"><a href=3D"mailt=
o:apoio@fct.unl.pt">apoio@fct.unl.pt</a></a>
fct.unl.pt:~# _
</pre>
=20
</div></blockquote></body></html>=
--Apple-Mail-7--896179474--