You're welcome to a copy, however...
I'm at this moment totally rewriting it to serve a new system we're
developing to replace what the original ND_GINA provided.
The new version is a vastly stripped-down derivative of the
original. The are three noteworthy functionality points it adds to
a desktop system:
1) cooperates with a daemon on the NT Domain Controller to
automatically (one-way) synchronize your NT password with that of
your central (e.g. Kerberos) account at login. An IIS
authentication filter could extend the same capability to IIS, so
you could host authenticated websites on IIS, and rely on NTDomain
credentials that would be sync'd with your canonical auth reference
(e.g. AFS/Kerb). Upload of password changes (NT->AFS) can be done
by employing Microsoft's "Services for Unix" package, which
intercepts passwd changes initiated on NT, and forwards them (in
cleartext) to a Unix daemon which will change the canonical auth
device.
2) recognizes a variable in your NT account's Profile Path, and
transforms it in such a way as to enable the Transarc AFS client to
retrieve your roaming profile from AFS. (i.e. it recognizes the
string "\\%Computername%" in your ProfPath, and replaces that
variable with the actual name of the current computer, so that your
profile path handed to Winlogon ends up resembling
\\THISPC-afs\all\blah\blah for the current login session. Without
making that transform, the Transarc AFSD dies a horrible death when
asked to retrieve a file from a path containing the "%"'s. (hint
to Transarc here :-)
3) Processes a logOUT script, to provide the missing NT
functionality (NT by default only processes a logIN script).
So, the new GINA merely facilitates the cooperation between an NT4
Domain and AFS, but could be easily modified to synchronize NT with
almost any other system (e.g. DCE, etc).
Gone from the new GINA are all the calls to scripts and local
generation of new user accounts at each login. We'll be relying on
built-in NT Domain functionality for all the things that our
original GINA (plus its scripts) had to perform. System mangement
of the NT desktops is left to other tools (e.g. SMS, Tivoli,
Platinum, etc.)
Still want the old code?
------------------------------------------------------------
Gary L. Dobbins -- Director, Technical Science
University of Notre Dame, Office of Information Technologies
[EMAIL PROTECTED] -- http://www.nd.edu/~dobbins
219.631.7566 -- FAX 219.631.8201
------------------------------------------------------------
----- Original Message -----
From: Dr. Michael Bruewer <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, April 15, 1999 10:07 AM
Subject: Re: [Q] About GINA Module of AFS 3.5 products
>
> We are using the GINA developed by Gary Dobbins at Notre Dame
University quite
> successfully. Maybe he will be so kind to give it to you, too.
>
> http://www.nd.edu/~dobbins/ntarch/nd_gina_doc.html
>
> I would like to support Kwon Oh-hoon. AFS for NT should not only
integrate the
> fileservice but the user management as well. As far as I
understand, AFS 3.5
> makes it easier to write a GINA, but leaves the rest (e.g.
managing roaming
> profiles) to you/us.
>
> Regards,
>
> Michael
>
>
> ----
> Dr. Michael Br"uwer
> RZ der Univ. Hohenheim 70593 Stuttgart
> [EMAIL PROTECTED] www.uni-hohenheim.de/~bruewer
> Fon: +49-711-459-3838 Fax: -3449
> PGP Public Key:
> RSA: http://www.uni-hohenheim.de/~bruewer/pgpkey_V2
>
