There is no ability in Vista or Win7 for a ticket to be obtained during the Network Provider logon and stored in the MIT API session credential cache. The explorer logon hook that was used in XP/2003 to do so no longer exists.
My plan is to develop a new credential cache mechanism that relies on the Authentication Groups that are now in kernel with the afs redirector driver. There is no funding for this project. Jeffrey Altman On 12/9/2011 4:28 PM, Billy Beaudoin wrote: > I've got OpenAFS 1.7.3 x64, OpenAFS 1.7.3 x86 tools, Heimdal 1.5.2 > x64, and NIM 2.0 x64 installing via Group Policy on a 64-bit box. > Specifying domain-specific cell/realm info for auto-login in the > registry, and using dns for everything in the krb5.conf. Everything > works perfectly on login, I get tokens, browsing \\afs is a dream. But > when I launch NIM or do a klist, the kerberos TGT and afs/ tickets > aren't there (which makes renewal and other stuff not work), and there > isn't an error in the NIM log or the Event log after turning on > tracing. If I get tickets via NIM, I get everything I'd expect. klist > -d doesn't give me the same info that NIM does unless I specify the > API cache using a klist -c. So I know something is wrong with my > configuration, its credential cache related, and hopefully obvious to > someone else but I've been staring at it way too long. > Billy Beaudoin > ITECS Systems > NC State University > _______________________________________________ > OpenAFS-info mailing list > [email protected] > https://lists.openafs.org/mailman/listinfo/openafs-info
signature.asc
Description: OpenPGP digital signature
