[OpenAFS] PTS groups
Derek Atkins
warlord@MIT.EDU
Tue, 30 Nov 2004 10:07:49 -0500
Matthew Cocker <matt@cs.auckland.ac.nz> writes:
> How do you do this in PTS in 1.2.13
If 1.2.13 has the patches (I do not know if it does) then you'd just
use a group like you'd use a user... E.g.:
pts addu -user group:subgroup -group group:supergroup -cell <mycell>
> What is the cause of this limit?
>
> Is it replication or the admin tools?
It's a performance issue. I don't know the root cause, but as already
stated by someone else large groups can start causing strange problems
with replication and management. This is another reason
groups-in-groups are better -- you can then increase the membership of
a top-level group by breaking it out into subgroups.
> The reason I ask is that Windows 2000 AD had group membership limits
> that you could work around if you carefully controlled where you
> allowed group modification to occur (i.e. force it to be single master
> for changes).
PTS already forces a single master for changes.. This is an operational
issue with size, IIRC.
> If there is no work around we could use group of group structures
> later when they are in the stable version of AFS and/or we can break
> up the 400 large groups that are actually needed.
How large are your groups?
> This raises the question how many group/users can be listed in an ACL?
20.
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available