Ryan L. Means wrote: > Jeffrey Altman wrote: >> There is no notification to any process that is running that >> the MSLSA obtained new Kerberos v5 tickets OR a hook that would >> obtain the user's name/password during unlocking to use to request >> a new TGT and AFS token. > > So you're saying there really isn't any way to do the same thing on > unlock that happens on login. Can you think of any other way to solve or > work around this problem besides just telling the user to log out > instead of locking? Unfortunately, they won't buy having to type in > their password twice every time they come in in the morning. > >> >> There is nothing abnormal about your setup. >> >> What are you using for a credential manager? > > I'm using MIT KFW 3.2.2.
The problem is that I don't know what can be used by NetIDMgr as a trigger to attempt re-importing the MSLSA: TGT and using it to obtain derivative credentials. There is no code for this at present. Jeffrey Altman _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
