> -----Original Message----- > From: fedora-directory-users-bounces at redhat.com > [mailto:fedora-directory-users-bounces at redhat.com] On Behalf > Of Christopher Barry > Sent: Tuesday, January 06, 2009 11:05 AM > To: General discussion list for the Fedora Directory server project. > Subject: sequence of events > > Greetings all, > > Trying to wrap my head around how a linux laptop interacts > with AD/FDS when these are reachable - and not. Can you all > have a look and edit this post as required to bring me up to speed? > > A. User is added to AD > B. WinSync pulls changes to FDS over SSL > > 1a. Newly added user on Linux laptop logs into laptop plugged > into domain LAN > 1a.1 pam_krb5 acquires TGT from AD > 1a.2 nss_ldap acquires authorization/automount and other map > data from FDS (SSL?) > > 2a. User uses TGT to access NetApp to automount their home directory > > Domain login completes. Accessing other kerberized services > in an SSO mode functions. > > ==================== > > 1b. User logs into laptop off LAN > 1b.1 pam_unix authenticates the user from passwd/group/shadow > and he mounts local home directory. > > Local login completes. > > 3b. User vpns into office w/ vpnc. > 3b.1 accesses various servers/services with domain > username/password resolved from FDS - no kerberos. > > > Please edit/flesh out as appropriate. > > Thanks All, > Christopher Hello, Sorry to repost, but no one commented on the above. Can someone review above and let me know if I'm on the right track with my statements or clear up any misconceptions I may have? Thanks again, -C
