[OpenAFS] Kerberos

scorch scorch@muse.net.nz
Sat, 06 Aug 2005 08:39:24 +0200

Morgan Hallgren said the following on 2005-08-06 00:21:

>Is it possible to have the openafs users in a kerberos database or in
>a ldap directory?
>A have a central userdatabase and done want to admin more then one
>account/user. Is this possible ?
>OpenAFS-info mailing list
hi Morgan,

the users are already authenticated through krb, so you could safely 
assume you already have a central user database ;-)

If you want to store AFS authorisation data (ACLs and access rights, per 
already authenticated users) in LDAP, instead of kerberos, or the UIDs 
for example, then thats something different  ...

I found the following links useful - YMMV.

afs & krb stuff    http://kula.public.iastate.edu/talks/afs-bpw-2005/
krb & ldap    http://www.ofb.net/~jheiss/krbldap/howto.html 
krb & ldap    http://www.arayan.com/da/yazi/OpenAFS_Kerberos_5.html

but I've not heard of a re-write of the PTS to refer to LDAP instead for 
authorisation data. Maybe a list archive search would help here

I hope that helps clarify your question!

cheers, scorch
out of the frying pan and into the fire