Quoting Jeffrey Altman <[email protected]>:
OpenLDAP is not a replacement for Active Directory. You either need to manage local Windows accounts that are mapped to Kerberos identities for logon or you need to use Active Directory (or an Active Directory equivalent) to manage the accounts for you. In either case, once you have accounts defined for users those accounts can have roaming profiles stored in AFS.
Quoting Lars Schimmer <[email protected]>:
Sure it is. Just enter the path to the profile like \\AFS\cgv.tugraz.at\home\user\winprofile and enable "pbtain tokens at login" for the workstation. Be sure for AD server can access the path to the user profile (l ACL should be enough). ...
Okay, it sounds like Active Directory would be the best solution. However, seeing as this is strictly an Open-Source project (apart from those few Windows clients running a couple of proprietary apps), I would not be able to use any Windows servers for that. I guess it would have to be Samba. Still doable?
Quoting Lars Schimmer <[email protected]>:
This will set the profile path to a AFS path and all data will be read and saved into AFS space for the user. But it does not work like linux homes. 1. A local profile will be written to disk every time a user log in 2. the profile will be copied from server to client on login 3. while logged in, files will be written to local disc 4. on logout, files will be synced from local disc into AFS space
That sounds good enough for me. Just as long as new user accounts don't have to be created on every new Windows workstation, and that I don't have to start installing Windows server machines.
Cheers, Jaap _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
