>My main concern here is users at well-established AFS sites (say, >CMU/MIT/Stanford) who access my cell. The way it's set up, things >work great with the latest aklog, zero configuration needed. I've >found that prior aklogs fail (sometimes nondeterministically) because >I rely so heavily on AFSDB, Kerberos SRV, and cross-realm >authentication. These all work quite well in the 1.4.1 aklog, though.
You have to be careful here. At least two of those things you mention (SRV records for Kerberos, cross-realm authentication) are properties of the Kerberos library that aklog links against. The version of aklog that you have doesn't really matter. AFSDB can matter, but that's more about the version of the AFS libraries that you link against; aklog wasn't changed to know about AFSDB. Really, the significant difference between "older" aklogs and modern aklogs is that the older ones always use the 524 ticket converter; modern ones will try an rxkad 2b token by default. --Ken _______________________________________________ OpenAFS-devel mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-devel
