[OpenAFS] foreign
Derek Atkins
warlord@MIT.EDU
14 Jan 2002 19:36:50 -0500
Um, I think you're using the wrong command (unless that pts is being
run where ThisCell == foreign cell).
In order to setup cross-realm:
1) you need cross-realm Kerberos (a shared key)
2) The foreign cell needs to setup a group to hold users
from your.original.cell:
pts cg system:authuser@your.original.cell -c foreign.cell
Then, once that is setup, users can create themselves ids in
the foreign cell:
3) user needs to obtain a token in the foreign cell:
aklog -cell foreign.cell
4) user creates themselves an id in the foreign cell:
pts cu user@your.original.cell -c foreign.cell
5) user gets new tokens with proper ID
aklog -cell foreign.cell -force
-derek
"T. Matthew Cocker" <matt@cs.auckland.ac.nz> writes:
> Hi
>
> I want to set up cross-realm authentication for our two cells but when
> I get the following error message when I try to create PTS entries for
> "user@your.original.cell" in foreign.cell
>
> # pts createuser -name user@your.original.cell
>
> pts: Badly formed name (group prefix doesn't match owner?) ; unable to
> create user user@your.original.cell
>
>
> The quick beginning guide indicates that a @ is not to be used in this
> PTS command. If this is so how do I create entries for foreign cells.
>
> Cheers
>
> Matt _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available