Hi.
I don't know if anyone else is facing my problems, but I'll give it a try
and ask questions, and if no one answers, maybe my progress in
understanding can help someone else!
My situation: AIX 5.2 client --- Servers (Linux) MIT K5, LDAP, OpenAFS.
No user information whatsoever on clients. Passwords are provided by
Kerberos 5, user info (gecos, home directory, shell...) by LDAP, home
directories reside on OpenAFS, so somehow I have to convert the ticket
from Kerberos into an AFS token.
--> Now. My /lib/security/methods.cfg shows something like:
KRB5A:
    program = /lib/security/KRB5A
    options = authonly
KRB5Afiles:
    options = db=LDAP,auth=KRB5A
--> Of course, I have in /etc/security/user
    SYSTEM="KRB5Afiles OR compat"
--> In /etc/security/ldap/ldap.cfg
    ldapservers:dir1.cell.name,dir2.cell.name
    ldapadmin=cn=myadm
    userattrmappath=/etc/security/ldap/2307user.map
    groupattrmappath=/etc/security/ldap/2307group.map
What I'm missing is a connection with:
- OpenAFS (ticket -> token)
- SSH (passwordless and PAG)
If anyone has AIX with a similar situation, please let me know!

If you have ideas...
--
Sensei <mailto:senseiwa@tin.it> <pgp:8998A2DB>
<icqnum:241572242>
<yahoo!:sensei_sen>
<msn-id:sensei_sen@hotmail.com>