I can't use just active directory, because student ID's for AFS are created off a separate LDAP system, as well as not using that system for authentication.
I need to be able to test a trust relationship off of one Kerberos system running on Solaris to a Windows domain. At present, do not have a single sign on system. We are using OpeanAFS 1.6 As such, I have to learn to "coexist" by creating an intermediate test environment to explore the possibilities of using a trust relationship so students can use the 1.7 client and just sign on once. I don't know why we have three authentication systems, but my job is not to ask why :-) Do you have a link to documentation that could clarify this sort of OpenAFS Server configuration? -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Jeffrey Altman Sent: Friday, December 09, 2011 12:36 PM To: [email protected] Subject: Re: [OpenAFS] Need to setup Kerberos Environment On 12/9/2011 12:21 PM, Valentine, Nick wrote: > Looking for some advice on setting up a test environment for OpenAFS > server and windows client. > > > > I am going to setup a Linux server for OpenAFS server use, and need > to setup Kerberos with a trust relationship to a windows domain for > authentication. > > > > I keep clicking the windows documentation, but it is taking me to > dementia.org. > > > > Any advice on a useful link for setting up the linux or solaris server > Kerberos to allow for this authentication? If the only thing you are using the Kerberos realm for is OpenAFS, why not just use Active Directory by itself?
