[OpenAFS] AFS client -> Windows server w/AD & KDC -> Linux AFS servers

Lars Schimmer l.schimmer@cgv.tugraz.at
Thu, 26 May 2011 13:00:15 +0200

On 26.05.2011 12:31, Mickey Lane wrote:
> Hi,
> I want an AFS client (Windows or Linux) to get kerberos credentials fro=
m a Windows Server and use them to access AFS servers on a Linux machine.=
 The Linux machine does not have a KDC.
> Although I haven't personally tried it, I'm under the impression this w=
orks without too many AD configuration issues with Server 2003.
> I'm also under the impression it works with Server 2008 R2 once DES is =
> I currently have 2008 Standard (not R2) configured to provide tickets a=
nd I've moved the keytab to the Linux machine, etc. The process *appears*=
 to work but the credentials are invalid. Kvno numbers are correct. I thi=
nk the problem is improper encryption types.
> I'm aware of a Microsoft update to 64-bit Server 2008 that is related t=
o password corruption in this process.
> My question: Has anyone ever made this work on Server 2008 Standard (no=
t R2)?

I know it works on Win 20008 Standard, but I do run 2008R2 for AD
services including krb5 auth for users on linux clients.
My selfnotes are here to be read:

> Thank you,
> Mickey.

Lars Schimmer
TU Graz, Institut f=FCr ComputerGraphik & WissensVisualisierung
Tel: +43 316 873-5405       E-Mail: l.schimmer@cgv.tugraz.at
Fax: +43 316 873-5402       PGP-Key-ID: 0x4A9B1723