[OpenAFS] Some questions about the future of OpenAFS

Derek Atkins warlord@MIT.EDU
01 May 2002 12:35:35 -0400

Note that I still see cross-cell authentication working the same, so
you would still have "system:authuser@foreign-realm" and pts users
named "user@foreign-realm" which can be members of both PTS groups and


Derrick J Brashear <shadow@dementia.org> writes:

> On Wed, 1 May 2002, Douglas E. Engert wrote:
> > AFS has done the authorization via the PTS. Will this continue to
> > work the same way? 
> For the moment. Something obviously needs to be done about it, but for
> instance switching to LDAP would be dangerous for fileserver performance
> reasons and because LDAP is not strictly a superset of PTS functionality.
> > Would you map foreign users to local users in the PTS?
> Would be nice to have the ability, it's certainly high on the list for a
> next-generation version of the service.
> > Will foreign users be allowed on ACLs? 
> In PTS groups, or on ACLs? They're not the same.
> > Do you still have the AFS ID? Do these need to be UUIDs?
> As long as you still have local users you're mapping to, there's no reason
> it needs to change. It may be that it should, but it's not required.
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info

       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available