There are a number of ways to do this. You could just use your M$-KDC as a regular K5 KDC and use krb524 to obtain AFS tokens, or you could have a process similar to the above where the 'v4 AFS key' is separate from the 'M$ key'.
Basically, you use 'aklog' to authenticate to the 524 daemon, and that gives you a 'token' which you stuff into your client to authenticate. You don't need native k5 in AFS for this to work. -derek Jacob Gorm Hansen <[EMAIL PROTECTED]> writes: > I know Active Directory is not anyone's favorite, not mine either, but I need > to be able to authenticate against it. Currently, I've got just one AFS server. > running debian linux. > > Does anyone have a recipe for doing so? I read somewhere that krb5 was being > worked on for OpenAFS, I suppose that would make things easier. What is the > status of that? > > Best, > Jacob > _______________________________________________ > OpenAFS-info mailing list > [EMAIL PROTECTED] > https://lists.openafs.org/mailman/listinfo/openafs-info -- Derek Atkins Computer and Internet Security Consultant [EMAIL PROTECTED] www.ihtfp.com _______________________________________________ OpenAFS-info mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-info
