On 01/27/2011 01:34 PM, Dan Pritts wrote:
On a related note, we'd like to pass through authentication from AD to
our MIT kerberos realm. There are various documents on the net that
talk about this, and I'm told that it's done in various places (e.g.,
umich), but we have been so far unable to make it work.
Does anyone know of instructions on how to make this work with win2008? We are
doing a greenfield AD install. I suppose we might consider using samba instead
if that makes the process easier.
Check out http://technet.microsoft.com/en-us/library/bb742433.aspx (in
particular, Setting Trust with a Kerberos Realm). In this case you can
create user X, then log them in as "X@<REALM>" and get the same
permissions you've set for user X in your AD directory.
--
=========================================================================
John Perkins | University of Wisconsin-Madison
Researcher | Department of Computer Science
j...@cs.wisc.edu | 1210 W. Dayton St.
608-262-0438/608-262-6626 FAX | Madison, WI 53706-1685
=========================================================================
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
