problem creating user in windows AD
Jeffrey Altman
jaltman at secure-endpoints.com
Fri Nov 2 09:08:03 EDT 2007
Lars Schimmer wrote:
> Hi!
>
> Not really OpenAFS problem, more kerberos, but maybe someone has a idea:
>
> OpenAFS 1.5.26 on windows XP SP2
> kfw 3.2.2 on windows
>
> Windows 2003 server and AD on it.
>
> Probelm so far: new PC setup, I created a new user in AD and in OpenAFS.
> While trying to logging in (and create a new profile in OpenAFS
> filespace) I get only: access denied.
Tokens required to access profiles at logon are obtained by the OpenAFS
Integrated Logon. NIM is not involved.
>
> Maybe its a bootstrapping problem, after creating a temp profile by
> windows, user got a token and ticket. But no profile is saved into AFS
> space.
The profile will not be saved into AFS until logout. Does the user have
a token at logout?
> the option in kfw (obtain new credential) is NOT activated and I
> assume thats the problem.
> It is not save in profile but needed to access the profile, or?
Profiles containing files or directories whose names include characters
that cannot be represented in the OEM character set configured for the
machine cannot be saved to AFS. The Windows CIFS client cannot speak to
the AFS Client Service's SMB Server using a Unicode aware protocol.
>
> Logging in with a existent user/profile is fine.
>
> MfG,
> Lars Schimmer
________________________________________________
Kerberos mailing list Kerberos at mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20071102/060a1574/attachment.bin
More information about the Kerberos
mailing list