[OpenAFS] Re: Slightly unrelated question
Fri, 28 Jan 2011 14:53:57 -0500
> Quoting Marc Dionne <firstname.lastname@example.org>:
>> On Thu, Jan 27, 2011 at 10:53 AM, Andrew Deason
>> <email@example.com> wrote:
>>> Integration with the Windows login system I believe is almost always
>>> done via AD. I think it's possible to not use AD if someone wrote a
>>> Kerberos pGina plugin (or maybe Samba, but that's just replacing AD, not
>>> getting rid of its role), but as far as I know nobody does that.
>> Back at U Wisc we did have a locally built GINA that authenticated to
>> Kerberos and got AFS tokens, along with a lot of other local logic. I
>> don't know if it's still in use nowadays.
> It was probably pgina, www.pgina.org or based on that project as it
> did have AFS support. It works well with ldap. I didn't test the afs
> module as we had some policies for people who didnt have AFS in
> place. The afs code, iirc was similar to what was in the Samba vfs
> afs module.
Oh and what do I know. I had googled to verify the pgina.org website
actually worked, and the refresh came back with a google ad for
http://signon.comtarsia.com which is essentially a gina for ldap auth
with free academic licenses. Although it doesnt appear to support AFS.