Hello, I'm running Windows 7 Professional 64-bit, joined to an Active Directory domain which is my Kerberos REALM for my OpenAFS cell. Everything works fine, but I have recently noticed that when I login with a domain account, Network Identity Manager does not seem to be automatically getting an AFS token. It just pops-up a password prompt for my Kerberos "identity" as it calls it.
I did some searching and found this page in the NIM docs which seems to describe my situation: http://www.secure-endpoints.com/netidmgr/v2/docs/netidmgr/html/config_k5.htm which about half way down the page has this paragraph: "On Windows Vista, Windows 7, and Windows Server 2008 the operating system does not permit the importation of the Kerberos Ticket Granting Ticket if the active user account is a member of the Administrators or Domain Administrators groups and User Account Control (UAC) mode is active." My domain account is a member of the local computer's Administrators group. Is there any workaround besides completely disabling UAC? In the mean time I removed my account from the local "Administrators" group, and NIM works again. -- [email protected] Computing Services School of Social Sciences SSPA 4110 | 949.824.1536 _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
