howto obtain TGT on login to windows machine without AD

[Marcus Blomenkamp]

Hi all.

We are using an NT4 domain setup for some time now. We would like to have
access to a kerberos authenticated filesystem (AFS) without prompting the
user for an additional password. In our setup we have synchronized
passwords between PDC and Kerberos. Thus the required TGT obtaining
procedure can reuse the initially entered password.

Which software (AFSLogonShell, MIT package ...) will make this possible?
Using an Active-Directory Controller is not an option for now. Do we have
to code something GINA/LSA related for ourselves? Has anybody tried
something similar? Appreciating any input...

PS: W2K and WXP client machines

Best regards, Marcus