[OpenAFS] Problems installing openafs on Solaris9

Petter Lindquist petter@hig.se
Thu, 4 Sep 2003 13:00:55 +0200 (CEST)


On Wed, 3 Sep 2003, Jerome Walter wrote:

> Unfortunately, you cannot store the passwords in the LDAP database. Passw=
ords
> have to be stored in AFS database or Kerberos database. LDAP does only st=
ore
> accounting information, such as unix uid, shell, gecos and so on ...
> I think you do not want people to have two passwords, so you should use
> pam_afs for authentication, and nss_ldap to get the accounting informatio=
n.

Hmm.. We store passwords in LDAP for all other systems we are using, and
we can not use afs for loggin into some web applications we have.


> To create the users in the afs database, see bos createuser (for superuse=
rs)
> and pts creatuser/creategroup/adduser/membership.

creating users in afs wouldn't be a problem, but it would be very nice to
have all passwords in the same database.


> Please do not be confuse, groups and ids in the AFs database are only
> considered in the AFS space, and the unix environment do not get this
> information for local use. You have to have an unix id in your LDAP, and =
it is
> a good idea to get the same AFS and unix Ids.

That doesn't seem to be any problem at all.

--=20
Mvh Petter Lindquist, N=E4tverksansvarig H=F6gskolan i G=E4vle
Tel 026-648914 / 070-549 8914