theo van den bout wrote:
You need the aklog that comes with OpenAFS 1.4.0. It is the program that takes the TGT you obtained via kinit and uses it to obtain an AFS service ticket for the cell you wish to authenticate to. Once it has that service tickets, it makes it available to theYou only require a krb524d, fakeka, etc. if you are attempting to support clients that cannot make use of Kerberos 5-based tokens. What clients are you attempting to support?MIT KFW does not ship with any server side daemons. The daemon you would want to build is a krb524d.exe and you would want to run it on the domain controllers using the keytab option. You could of course run a second realm and establish the cross-realm trust. However, that is more work. Unless you really have no control over the clients and must support the use of "kauth" instead of even "kerberos 4" there is no longer a need to do so.Really?? I'm completely lost now. Does this mean i also do /not/ need 'aklog'? 'kinit' will do? I'm (sofar) only interested in supporting linux clients using the latest software. Theo
cache manager so that your AFS requests can be authenticated. Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
