Please keep list conversations on the list.
Franco "Sensei" wrote:
Jeffrey Altman wrote:
Then you need some equivalent of an Active Directory or NT4 Domain Controller. AFS does not replace either of those services.
Sure. That's the simplest way.
An equivalent of active directory can't be found (at least to my knowledge) and using samba for NT4 is a security issue, since we have to manage machines and users in samba also and users will use samba passwords instead of kerberos. Not good. If you know a solution... well it would be appreciated of course! :)
Do you think I am hiding one?
An idea would be using NTLM/SSPI and defining \\AFS as local, considering the network reliable, so that ntuser.dat can point to a specified path under \\AFS and everybody will be happy.
You can point the profile to \\AFS\cellname\path. The way you do this
is to place an entry in the account database indicating where the profile directory is located. For this you either need to manage local
accounts or have an Active Directory replacement.
If you use less things, it's better. The infrastructure should be already useful for windows, except the hive with HKEY_CURRENT_USER which should be local, but noone says it must... at least it is possible to fake it.
Franco Milicchio
smime.p7s
Description: S/MIME Cryptographic Signature
