[OpenAFS] Active Directory Kerberos ticket allowing to access
OpenAFS cell?
Jeffrey Altman
jaltman@secure-endpoints.com
Thu, 03 Nov 2011 09:20:35 -0400
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig15A1E5138B4A07948FE775B8
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
On 11/3/2011 2:58 AM, Stanislaw Kaminski wrote:
> Well, I am using KfW, but since I have no domain yet I wasn't able to
> test if KfW automagically gets Kerberos tickes while user logs on. I
> don't want it to ask for a password second time, after AD logon.
On Vista and later, KFW will not obtain tickets at logon for a realm
other than the one that was used for Windows logon. It has no mechanism
to pass the acquired tickets into the logon session for use by applicatio=
ns.
KFW will make available the Windows logon tickets via the MSLSA
credential cache interface.
Jeffrey Altman
--------------enig15A1E5138B4A07948FE775B8
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
iQEcBAEBAgAGBQJOspUmAAoJENxm1CNJffh4jvYH/0VfFTS4QYGywMU/t2AE1JLS
CWcZRjdVD6l2k9aUKQMHUUCxebyBOp2CX6KIVtEcCRW+p2xjc8bVI1OxAbgyxXEl
3O2seBGZgWti9mZkqkgAyQRbKOJvkFPxmJRiy7UUuWMr+j7L92q9htcci1OsYj5X
9cbmswbT0CQkdcO6pRtnSuLJaEJNWQZc/fLsF+fexME3l4gViNf3cGR9E7VoICb2
NukHgaSqNrxQOpJspf6R/7c83L0Np5XqyaSa2aU01pLbascGBj2TrTmqnx+gepAG
sTGO2UbuL3OjSPE7VGdLm66P/QjEfbEqiPjtNVfReyO8luk+n0ARZ50IvynLiLQ=
=5HHX
-----END PGP SIGNATURE-----
--------------enig15A1E5138B4A07948FE775B8--