On 1/28/11 2:49 PM, omall...@msu.edu wrote:
Quoting Marc Dionne <marc.c.dio...@gmail.com>:
On Thu, Jan 27, 2011 at 10:53 AM, Andrew Deason
<adea...@sinenomine.net> wrote:
Integration with the Windows login system I believe is almost always
done via AD. I think it's possible to not use AD if someone wrote a
Kerberos pGina plugin (or maybe Samba, but that's just replacing AD, not
getting rid of its role), but as far as I know nobody does that.
Back at U Wisc we did have a locally built GINA that authenticated to
Kerberos and got AFS tokens, along with a lot of other local logic. I
don't know if it's still in use nowadays.
It was probably pgina, www.pgina.org or based on that project as it did
have AFS support. It works well with ldap. I didn't test the afs module
as we had some policies for people who didnt have AFS in place. The afs
code, iirc was similar to what was in the Samba vfs afs module.
No, the GINA Marc mentions was coded in house by me in 1996-97 while
I was working at U Wisc based on example code from the Microsoft SDK and
a similiar project in place at the Univ. of Notre Dame. We used it on
Windows *NT* workstations.
Last I checked they had moved on to the built in Krb5 support in
Windows XP and newer.
--Craig
PS Hi Marc!
--
/ Craig Huckabee | e-mail: h...@spawar.navy.mil /
/ Code 55170 | phone: (843) 218 5653 /
/ SPAWAR Systems Center | close proximity: "Hey You!" /
/ Charleston, SC |ICBM Coordinates: 32.716351,-80.064157 /
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
