This is a discussion on Re: what happens when kfw is disconnected - Kerberos ; On Wed, May 28, 2008 at 9:02 AM, Jeffrey Altman email@example.com > wrote: > David Bear wrote: > >> We have the challenge of supporting very mobile users who may hop between >> many wireless networks. These machine are joined ...
On Wed, May 28, 2008 at 9:02 AM, Jeffrey Altman <
> David Bear wrote:
>> We have the challenge of supporting very mobile users who may hop between
>> many wireless networks. These machine are joined to an AD domain so when
>> they hop on to a wireless network, they are logged on using whatever
>> credentials windows has cached. This seems to cause an issue for KfW
>> Openafs. I am wondering of KfW handles the situation where it cannot
>> a KDC becuase there is no network path available because windows hasn't
>> connected to any network. Can KfW be instructed to wait a certain time
>> period for trying to get a tgt? Or, can KfW wait for an event, like the
>> availability of a wireless network -- and then contact the kdc for
>> KFW does not cache the user's password. If the KDC is not reachable
> during logon, the user will not obtain credentials.
> The user can obtain credentials at a later time using Network Identity
> Manager. You can configure NetIdMgr to monitor network connectivity and
> prompt the user to obtain credentials if s/he has none.
> Then we should configured KfW to NOT get credentials at logon, and set it
to prompt for logon when the network becomes active? I think I found that
setting in NiM under options->general (uncheck obtain new credentials at
monitor network activity is also currently checked. I assume that is what
needs to be checked to have NiM prompt for logon when available?
College of Public Programs at ASU