[OpenAFS] OpenAFS 1.7.3/Heimdal 1.5.1 64-bit Auto-login oddity
Fri, 09 Dec 2011 16:53:57 -0500
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
Content-Type: text/plain; charset=UTF-8
There is no ability in Vista or Win7 for a ticket to be obtained during
the Network Provider logon and stored in the MIT API session credential
cache. The explorer logon hook that was used in XP/2003 to do so no
My plan is to develop a new credential cache mechanism that relies
on the Authentication Groups that are now in kernel with the afs
There is no funding for this project.
On 12/9/2011 4:28 PM, Billy Beaudoin wrote:
> I've got OpenAFS 1.7.3 x64, OpenAFS 1.7.3 x86 tools, Heimdal 1.5.2
> x64, and NIM 2.0 x64 installing via Group Policy on a 64-bit box.
> Specifying domain-specific cell/realm info for auto-login in the
> registry, and using dns for everything in the krb5.conf. Everything
> works perfectly on login, I get tokens, browsing \\afs is a dream. But
> when I launch NIM or do a klist, the kerberos TGT and afs/ tickets
> aren't there (which makes renewal and other stuff not work), and there
> isn't an error in the NIM log or the Event log after turning on
> tracing. If I get tickets via NIM, I get everything I'd expect. klist
> -d doesn't give me the same info that NIM does unless I specify the
> API cache using a klist -c. So I know something is wrong with my
> configuration, its credential cache related, and hopefully obvious to
> someone else but I've been staring at it way too long.
> Billy Beaudoin
> ITECS Systems
> NC State University
> OpenAFS-info mailing list
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
-----END PGP SIGNATURE-----