[OpenAFS] Re: foreign-realm members of system:administrators
have weakened powers?
ted creedon
tcreedon@easystreet.com
Thu, 26 Jan 2006 07:55:51 -0800
I'd appreciate some documentation when its done.
Thanks.
tedc
Adam Megacz wrote:
>Ken Hornstein <kenh@cmf.nrl.navy.mil> writes:
>
>>When I tracked this one down, I found code to specifically disallow
>>foreign realm users in the code that handles the Bos UserList; it
>>would not surprise me to find similar code in the pts server.
>>
>
>Is there opposition to removing this code?
>
>I'm starting to like the idea of running AFS in its own micro-realm
>and having all users be cross-realm users. It cuts down a lot on
>administrative overhead (asking for favors from kdc admins when stuff
>changes) and keeps the username namespace nice and tidy without
>unduely favoring one institution or department over another.
>
> - a
>
>