KFW with NT4 domain
Jeffrey Altman
jaltman2 at nyc.rr.com
Fri Mar 4 02:28:27 EST 2005
Franco Milicchio wrote:
> Hi.
>
> I've got a question, quite simple. I'm trying to make a gateway for our
> AFS cell based on Kerberos 5. Samba will be used to create a windows nt4
> domain. No local users on windows clients.
>
> Will kerberos for windows integrated login gain the tickets if the
> username and password matches the principal and password?
>
> I know this, creating a windows local user matching a k5 principal, kfw
> will automatically gain the ticket... but what if the user is not local?
There is no integrated login for KFW. There is currently no mechanism
by which a Kerberos 5 ticket may be obtained by the "System" account and
stored into the user's session based credential cache.
I believe you are confusing KFW with the OpenAFS Integrated Login which
obtains AFS tokens using Kerberos 5 when KFW is installed.
Jeffrey Altman
More information about the Kerberos
mailing list