[OpenAFS] re: my afs wish list

Douglas E. Engert deengert@anl.gov
Wed, 30 Apr 2003 15:38:36 -0500


Be careful with the wish list, it sounds like you are redesigning DCE and DFS.

IMHO DCE failed because it tried to do all things for all people,
mixing up authentication, authorization and file services, all into
one cell/realm/domain, thus making it way to complicated. 


Deniz Akkus Kanca wrote:
> 
> Çarşamba 30 Nisan 2003 00:50 tarihinde, Nathan Ward şunları yazmıştı:
> 
> > > How about better user management???
> >
> > Yes! A single place for keeping Krb5 princs and AFS users, and if you get
> > really carried away, how about keeping that in sync with my OpenLDAP server
> > for my NSS stuff? Perhaps if it all was stored in LDAP...
> >
> 
> Let me timidly add my PLEASE to the above.
> 
> I have seen the discussions previously on the list, especially about LDAP, but
> it is cumbersome to have to create AFS user, Kerberos principal and LDAP
> entry.   It can be scripted of course, but it does make AFS adoption a
> slightly bigger hurdle than it already is. Something that reads AFS user info
> for use in NSS would go a long way and alleviate the need for LDAP (or local
> user creation).
> 
> Best regards,
> Deniz
> 
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info

-- 

 Douglas E. Engert  <DEEngert@anl.gov>
 Argonne National Laboratory
 9700 South Cass Avenue
 Argonne, Illinois  60439 
 (630) 252-5444