On Thu, 28 Mar 2002 14:17:36 -0800 "Michael Lasevich" <[EMAIL PROTECTED]> wrote: > I assume I need to connect AFS authentication to Win2k server somehow, > but I am not sure how. If you can point out what I am missing or at > least where to look, I'd appreciate it. I am sure I am not the first > to try this, maybe there is a AFS-Win2k-KDC howto out there?
While not yet a HOWTO, the AFSLore Wiki has a page on this subject[1]. It would be useful to convert this page from a list of references to something more like an actual HOWTO. If/when you get this working, consider contributing your experiences to this page. > Also, Is there a good on-line reference manual as to how kerberos and > openAFS works? I feel like I am missing some of the basics behind > these beasts. Retyping commands from howto's, etc. is all well and > nice when you are in a pinch, but I would really like to understand > what i am doing. There are numerous references on Kerberos. The AFSLore KerberosV page recommends this FAQ[2]. I don't know of a good description of how the AFS RPC system, called Rx, uses Kerberos tickets (which AFS calls tokens) to authenticate RPCs. The code is in the rxkad source directory. But understanding the general Kerberos theory of authenticating applications will get you most of the way there. Mapping from a UDP service model to one based on RPC isn't too hard. Ted Anderson [1] http://grand.central.org/twiki/bin/view/AFSLore/ActiveDirectory [2] http://www.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html _______________________________________________ OpenAFS-info mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-info
