Thanks for the response.
We are not using IBM Kerberos. We are just using kaserver authentication.
Server (1.2.11) installed on Redhat 3. Windows clients uses OpenAFS client 1.3.77 to connect to their file space. Maximum consecutive unsuccessful authentications value is ineffective for windows users.
Do we have to install MIT kerberos to resolve this? Do we have to consider using MIT kerberos because kaserver going to be discontinued in near future?
Thanks
Raghu
Jeffrey Altman <[EMAIL PROTECTED]> wrote:
Jeffrey Altman <[EMAIL PROTECTED]> wrote:
Raghu S wrote:
> We haven't installed MIT Kerberos with windows. We are using native AFS
> authentication.
>
> Raghu
this implies that you are using the IBM Kerberos 4 implementation
instead of kauth (krb4/rx) and kaserver. I seem to remember seeing this
complaint in the past. As the code paths are different it is quite
possible that the kaserver code does not enforce lockouts in quite the
same way. This is not a bug that I expect anyone is going to expend
effort to track down as we are looking to remove the kaserver
functionality from OpenAFS sometime in the not too distant future after
Kerberos 5 support is better integrated into the UNIX/Linux/MacOSX clients.
Jeffrey Altman
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection
around
http://mail.yahoo.com
