Windows Auto-auth
Ben Creech
bpcreech at eos.ncsu.edu
Wed Jan 15 23:35:01 EST 2003
Has anyone worked on auto-auth on Windows recently? I'm just wondering
what experiences other people have had with this. Specifically, the
kind of auto-auth to which I'm referring grabs the Windows login
password and uses it to grab a Kerberos tgt and various sgt's (most
importantly for AFS). This way users have the access they need as soon
as the machine finishes logging in, providing a sort of "single
sign-on".
Currently I'm working on a project that uses a network provider dll and
a Windows service to hold tickets until the user has a desktop in which
for krbcc32s.exe to reside.
Formerly, NCSU had a custom gina, but it was a pain to support, partly
because it had to also implement the functionality of the NetWare gina,
partly because it was written in NT4 days when (from what I understand)
Microsoft was changing the gina specs frequently, and partly because
things can go horribly wrong when the gina screws up.
Again, I'm just wondering if anyone else is working on or has
implemented some manner of Windows auto-auth (preferably one that
doesn't get the tickets from an AD server and ms2mit them).
Thanks,
Ben Creech
NCSU ITECS
More information about the krbdev
mailing list