The Microsoft libraries are only useful if one is actually using the
Windows Kerberos parts (either through Active Directory or ksetup.exe
with a realm.)
For your standard home user, they aren't going to be using either and
need a way to enter Kerberos credentials from within Windows itself.
Think of it as Windows not having a kinit command. Windows can only
obtain initial Kerberos credentials from the login screen.
Also, KfW or Heimdal allow one to obtain credentials for different
realms/cells outside of the ones the computer is authorized to obtain.
E.g. This allows me to authenticate to cells at other organizations just
by having a password for their realm and (usually) not requiring me to
"join" my computer to their Active Directory or Kerberos infrastructure.
<<CDC
Coy Hile <[email protected]> wrote:
I'm almost certainly missing something obvious here, but why do we
have the dependency on either KfW or Heimdal for the Windows OpenAFS
client? Microsoft already ships Kerberos libraries as part of Active
Directory; why can we not link against those directly?
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
