Rodney M Dyer wrote: > HOWEVER! Performing the full install of the Kerb for Windows client > using the MSI would probably be just as easy, if not more "proper".
Thank you for the detailed information, installing the MSI is what I plan on eventually. The problem at the moment is that the MSI approach is serious pain (mainly for political reasons) so I am looking for a more incremental approach. I finally found what I think I am looking for here: http://www.openafs.org/pipermail/openafs-info/2003-July/010159.html which says: > OpenAFS ships with a number of authentication-related utilities for use on > clients; the most notable of these is 'klog'. On UNIX systems (including > MacOS X), these tools speak the kaserver protocol; they will work with a > real kaserver, or a Heimdal KDC configured to handle kaserver requests, or > an MIT KDC running fakeka. On Windows, these tools speak the Kerberos IV > protocol; they will work with a real kaserver, or a Heimdal KDC built with > krb4 support, or any MIT KDC. OK, so I now have an MIT KDC with Kerberos IV support enabled. I try to obtain tokens via the usual method (padlock in systray) and sure enough, I can get them. However, as soon as I try to access a directory in Windows Explorer that requires valid credentials, I get an access denied popup and notice that my tokens have been discarded (padlock has red X). Any idea what is causing this behavior? -- Joe Buehler _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
