Lars Schimmer <[EMAIL PROTECTED]> wrote: > Thanks for the link. > Maybe I don´t get it right on my thoughts. > Setup here: > AD with 1 server and x clients > krb5 server on debian on extra machine
So you have an Active Directory domain that the Windows machines are on? And a seperate Kerberos Realm for the Linux machines? Do you have a realm trust between these? B/c its not likely to work if you don't. > on each client MIT krb5 and OpenAFS 1.4.x on debian, 1.5.12 on windows > on windows clients: krb5 config with the krb5 server entry and "obtain > tokens for OpenAFS while login enabled" > til yet no special entries for krb5 in AD. > I assume the user on windows obtain a token and a valid ticket from > the > linux krb5 server while logging in (else the token wouldn´t be valid) > So a valid ticket for user is available in the cache. > In https://www-s.acm.uiuc.edu/wiki/space/Setting+up+SSH+on+Debian That page assumes all machines are in one realm, which doesn't appear to be your case at all. Can you be specific about which machines are in which Kerberos / AD Realm? <<CDC
________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
