S
Sensei
Hi.
I've built an afs cell, a kerberos kdc, an openldap server, all
kerberized. Now all linux clients can login on the cell using k5
authentication, finding informations about their home dirs with ldap.
Their home reside on the afs cell, which allows r/w access since it
releases a token from the k5 ticket. All macosx clients can login as
well... but what about windows?
I'd like to avoid creating windows users on every windows client...
since we have more than 700 users... and I know I can set up an AD
server, creating users on kerberos/afs/ldap AND the same users on AD...
So I have 2 possible solutions:
1. Make windows see mit kdc, get informations from openldap, map the
home directory on the afs cell, retreiving k5 ticket and afs tokens.
2. Make an AD server and let it interact with mit k5 and afs.
In the second case, it's mandatory to get tickets and tokens, and the
home dirs mapping as well. Moreover, I'd like to create remotely users
and mappings.
I need some hints, please...
I've built an afs cell, a kerberos kdc, an openldap server, all
kerberized. Now all linux clients can login on the cell using k5
authentication, finding informations about their home dirs with ldap.
Their home reside on the afs cell, which allows r/w access since it
releases a token from the k5 ticket. All macosx clients can login as
well... but what about windows?
I'd like to avoid creating windows users on every windows client...
since we have more than 700 users... and I know I can set up an AD
server, creating users on kerberos/afs/ldap AND the same users on AD...
So I have 2 possible solutions:
1. Make windows see mit kdc, get informations from openldap, map the
home directory on the afs cell, retreiving k5 ticket and afs tokens.
2. Make an AD server and let it interact with mit k5 and afs.
In the second case, it's mandatory to get tickets and tokens, and the
home dirs mapping as well. Moreover, I'd like to create remotely users
and mappings.
I need some hints, please...