[mailto:firstname.lastname@example.org] On Behalf Of Christopher Barry
Sent: Tuesday, January 06, 2009 11:05 AM
To: General discussion list for the Fedora Directory server project.
Subject: [Fedora-directory-users] sequence of events
Trying to wrap my head around how a Linux laptop interacts
with AD/FDS when these are reachable - and not. Can you all
have a look and edit this post as required to bring me up to speed?
A. User is added to AD
B. WinSync pulls changes to FDS over SSL

1a. Newly added user on Linux laptop logs into laptop plugged into domain LAN
  1a.1 pam_krb5 acquires TGT from AD
  1a.2 nss_ldap acquires authorization/automount and other map data from FDS (SSL?)
2a. User uses TGT to access NetApp to automount their home directory
Domain login completes. Accessing other kerberized services in an SSO mode functions.

1b. User logs into laptop off LAN
  1b.1 pam_unix authenticates the user from passwd/group/shadow and he mounts local home directory.
Local login completes.
3b. User VPNs into office w/ vpnc.
  3b.1 accesses various servers/services with domain username/password resolved from FDS - no Kerberos.

Please edit/flesh out as appropriate.
Sorry to repost, but no one commented on the above. Can someone review the above and let me
know if I'm on the right track with my statements or clear up any misconceptions I may