On Apr 21, 2008, at 6:21pm, Prasun Gupta wrote:
We would like to use windows client to authenticate with an Kerberos Server (KDC), get a windows user’s roaming profile and then map the user’s afs homespace on the machine.From What I have read the user Kerberos credentials have to be mapped to a windows user account, defined locally or in active directory. We would like to not have any windows user account or an active directory account. The only places account information would be kept is in Kerberos and the openafs servers.Our Goal: Get rid of Active Directory or local windows user accounts. Has anybody implemented this?Is it essential to maintain a Windows Active directory Server or have all the local user accounts defined on the windows clients ?Thanking in advance for any pointers or suggestions in this regard.
Somewhere you have to map user accounts. You can use samba, AD, or local accounts. There is to my knowledge no real or feasible way of obtaining the same behavior as with pam under unix.
Anyway many of the elders here may help you more than I can do. Cheers!
smime.p7s
Description: S/MIME cryptographic signature
