Thanks to all who responded. I think I should be more detailed about
our problem. We have brought afs 3.4a up in client-mode on an aix
machine running 4.1.4. Some of our users have only unix accounts.
Some of our users have both unix and AFS accounts. None of our users
with unix-only accounts are able to login. If the user has both an
afs and a "different" Unix password, the afs password allows him to
login but the other Unix password does not.
We have a copy of the AFS 3.4 GA Release Notes, dated November 29.
We have followed the instructions detailed in Section 4.3.2.:
- We currently have the following defined in /etc/security/user as
our default:
SYSTEM = "AFS OR ( AFS [UNAVAIL] AND compat [SUCCESS] )"
registry = DCE
- And for root we have:
SYSTEM = "compat"
registry = files
- In /etc/security/login.cfg we have the following entries
DCE:
program = /usr/vice/etc/afs_dynamic_auth
AFS:
program = /usr/vice/etc/afs_dynamic_auth
retry = 3
timeout = 30
retry_delay = 10
- We have replaced the /usr/vice/etc/afs_dynamic_auth on the machine,
as specified, with the 3.4a version.
Our understanding is that this is supposed to work. Are we wrong?
Is this working for other people? Is it possible the release notes
are not complete?
