[OpenAFS] Integrated logon and locking/unlocking workstations

2008-10-28 Thread Ryan L. Means
Good afternoon, We are just starting to use AFS here at the School of Law at UC Berkeley. Everything seems to be working well with OpenAFS for Windows and the integrated logon functionality that grabs a Kerberos 5 ticket and then the AFS token. Unfortunately, it seems that when a user locks t

Re: [OpenAFS] Integrated logon and locking/unlocking workstations

2008-10-28 Thread Jeffrey Altman
There is no notification to any process that is running that the MSLSA obtained new Kerberos v5 tickets OR a hook that would obtain the user's name/password during unlocking to use to request a new TGT and AFS token. There is nothing abnormal about your setup. What are you using for a credential

Re: [OpenAFS] Integrated logon and locking/unlocking workstations

2008-10-28 Thread Ryan L. Means
Jeffrey Altman wrote: There is no notification to any process that is running that the MSLSA obtained new Kerberos v5 tickets OR a hook that would obtain the user's name/password during unlocking to use to request a new TGT and AFS token. So you're saying there really isn't any way to do the sa

Re: [OpenAFS] Integrated logon and locking/unlocking workstations

2008-10-28 Thread Jeffrey Altman
Ryan L. Means wrote:
> Jeffrey Altman wrote:
>> There is no notification to any process that is running that
>> the MSLSA obtained new Kerberos v5 tickets OR a hook that would
>> obtain the user's name/password during unlocking to use to request
>> a new TGT and AFS token.
>
> So you're saying the

Re: [OpenAFS] Integrated logon and locking/unlocking workstations

2008-10-30 Thread Douglas E. Engert
Ryan L. Means wrote: Good afternoon, We are just starting to use AFS here at the School of Law at UC Berkeley. Everything seems to be working well with OpenAFS for Windows and the integrated logon functionality that grabs a Kerberos 5 ticket and then the AFS token. Unfortunately, it seems t

Re: [OpenAFS] Integrated logon and locking/unlocking workstations

2008-10-30 Thread Jeffrey Altman
Douglas E. Engert wrote:
> Jeff,
> The netmgr can import tickets from MSLSA, but only appears to do this
> at login or when the import credentials is selected. Could it do this
> on a periodic basis to check if the MSLA TGT might have been updated
> by a screen unlock? Or did I miss something?
>

Re: [OpenAFS] Integrated logon and locking/unlocking workstations

2008-10-30 Thread Anders Magnusson
Jeffrey Altman wrote:
> Douglas E. Engert wrote:
>
>> Jeff,
>> The netmgr can import tickets from MSLSA, but only appears to do this
>> at login or when the import credentials is selected. Could it do this
>> on a periodic basis to check if the MSLA TGT might have been updated
>> by a screen

Re: [OpenAFS] Integrated logon and locking/unlocking workstations

2008-10-30 Thread Ryan L. Means
Douglas E. Engert wrote: Ryan L. Means wrote: Good afternoon, We are just starting to use AFS here at the School of Law at UC Berkeley. Everything seems to be working well with OpenAFS for Windows and the integrated logon functionality that grabs a Kerberos 5 ticket and then the AFS token.

Re: [OpenAFS] Integrated logon and locking/unlocking workstations

2008-10-30 Thread Jeffrey Altman
Ryan L. Means wrote:
> Yes, it does allow renewable tickets for up to 7 days. But, it doesn't
> seem like netmgr is renewing them when the workstation is locked. That
> would help the problem because then users who never log out would only
> be prompted every 7 days...

NetIDMgr doesn't know that

Re: [OpenAFS] Integrated logon and locking/unlocking workstations

2008-10-30 Thread Jeffrey Altman
Anders Magnusson wrote:
> Not that I know how any of these things works in Windows, but wouldn't it be
> possible to get the LSA to keep track of and renew the afs ticket, and
> then just
> have a really small program that just asks the LSA for the afs principal
> and convert
> it to an afs token?

Re: [OpenAFS] Integrated logon and locking/unlocking workstations

2008-10-30 Thread Ryan L. Means
Jeffrey Altman wrote: Ryan L. Means wrote: Yes, it does allow renewable tickets for up to 7 days. But, it doesn't seem like netmgr is renewing them when the workstation is locked. That would help the problem because then users who never log out would only be prompted every 7 days... NetIDMgr

Re: [OpenAFS] Integrated logon and locking/unlocking workstations

2008-10-30 Thread Jeffrey Altman
Ryan L. Means wrote:
> Jeffrey Altman wrote:
>> Ryan L. Means wrote:
>>
>>> Yes, it does allow renewable tickets for up to 7 days. But, it doesn't
>>> seem like netmgr is renewing them when the workstation is locked. That
>>> would help the problem because then users who never log out would only
>>