Hi,
first I want to thank you for the link. We'll try it out, if we have
some time :-)
You've asked, if it's the same realm:
Yes, (unfortunately) it's the same realm name for both.
Greetings, Silvia
Douglas E. Engert schrieb:
Silvia Roedelsperger wrote:
Hi,
i've got a question.
Does anyone know a documentation or a howto on using Active Directory
(Windows 2008 Server) as the KDC in an OpenAFS installation?
John Spoko Jr wrote this up:
http://www.openafs.org/pipermail/openafs-info/2007-January/025039.html
The case 1 looks good.
You may also want the AD admin to set the userAccountControl flag
0x2000000 in the afs account so the MS PAC will be not be sent in the
ticket.
The PAC can be large 12K, and since AFS does not use it, it can reduce
the size of tickets/tokens from 13K to about 400 bytes.
See:
http://support.microsoft.com/kb/832572
Our test environment for the OpenAFS server ist running on a Debian
Etch machine.
I just found this old thread from 2004:
http://www.openafs.org/pipermail/openafs-info/2004-June/013771.html
Unfortunately, this thread doesn't helped me very much.
To have two Kerberos-servers (on the one hand the Windows 2008 Server,
on the other Hand a MIT-Kerberos Server at the Debian machine) with
the same user-accounts doesn't make very much sense to me.
Same realm names? Or not?
Thanks in advance! :-)
Greetings, Silvia
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
