Douglas E. Engert wrote: > Jeff, > The netmgr can import tickets from MSLSA, but only appears to do this > at login or when the import credentials is selected. Could it do this > on a periodic bases to check if the MSLA TGT might have been updated > by a screen unlock? Or did I miss something? > > So if Ryan can use the Windows DC as the KDC, with renewable tickets > with a reasonable RenewUntil time, and the users unlock their machines > some time withing the RenewUntil time, they would never loose > their AFS token.
There are lots of things NIM could do. None of them are things that NIM does today. Therefore, NIM as currently shipped will not do what Ryan needs. The correct one is to receive notification that the LSA has new tickets and do something with them. The only notifications I see are for terminal server. I will need to research what other possibilities there are. Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
