On Aug 23, 2010, at 11:43 AM, Dale Pontius wrote: >> >> Is there a piece of software that does this? It's been a long, long >> time since I used Windows, but it sounds like this feature is what the >> Windows client calls "integrated login". Or maybe not. Either way, is >> there a way to get MacOS to do this?
> Be very careful of an integrated login on a laptop. I set up to have > (sometimes) integrated login on Linux, and it can be problematic if you > try to login while away from the network where your AFS server resides - > as in a really looooong timeout. I don't know if this is standard > behavior for Windows or MacOS integrated logins, and for that matter I > don't know if this is even the current behavior for an integrated login > under Linux, any more. I just know that when I first set things up > under Linux, if the server wasn't available, only root could login. What he said. I run openafs on my mac laptop and configure it so that it does not start AFS at boot, nor automatically obtain kerberos tickets. My login password is local, not kerberos or AD. This give me the most flexibility when going on the road, as there are many places still where you can't get easy network access. If your password requires AD or kerberos and you're away from a net, you're screwed. For afs, I configure it via the oASF preference panel such that it does not start at book. When I want to run AFS, I turn it on via the same preferences panel. The only time it's really an issue is when you're cold-booting the laptop. Once it's up and has successfully started AFS, you can be detatched with only minor irritations when you forget a file is in AFS and have to wait for the timeout. When kerberos keys are needed but no AFS access, I run 'kinit.' When afs is running, I do 'kinit && aklog.' Conversely - I can count on one hand the number of times I've had to cold-boot my laptop while away from a network connection. If you can live with the long boot time while AFS times out in such circumstances, you only need to worry about local passwd vs krb/AD stuff. But no matter what, stick to a local password. Steve _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
