On Dec 3, 2007 10:16 AM, Jeff Blaine <[EMAIL PROTECTED]> wrote: > I'm trying to deduce the depth of effect from building > OpenAFS client tarballs with '--with-krb5-conf=...' > > During our transition to krb5 auth, I'd like our clients > to have an OpenAFS allowing kaserver auth, but I obviously > want aklog in place for those willing to test krb5 + aklog. > > Can anyone save me some testing time and comment on the > fesibility of that? >
3 choices: krb5kdc with fakeka (if mit) or with kaserver-compat enabled (if heimdal) in place of kaserver or sync the key key between the kaserver and the krb5kdc or different realm name for krb5 and kaserver, and 2 keys (with different kvnos) on all the afs servers.
