Integration with the Windows login system I believe is almost always
done via AD. I think it's possible to not use AD if someone wrote a
Kerberos pGina plugin (or maybe Samba, but that's just replacing AD, not
getting rid of its role), but as far as I know nobody does that. But if
you just want to get tickets/tokens after the user has logged in, that
is much more common and easier to do.
You can do windows login with just Kerberos (no Samba/AD), at least in
my testing on XP and 2003. You'll need ksetup.exe from the tools
package for your OS. This link has a good bit of info:
http://www.wlug.org.nz/WinXP%2BKrb5%2BAFS
There's also an old AFSBPW presentation from UNCC with some (now dated)
material about integrating profiles and other things which was helpful
in understanding the process.
Roaming profiles, making sure you get AFS tokens at the right time in
the login process, etc., are where AD or a good substitute come in
handy. So again it depends on what your goal is.
-Chaz
____________________________________________________________
Publish your photos in seconds for FREE
TRY IM TOOLPACK at http://www.imtoolpack.com/default.aspx?rc=if4
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
