[OpenAFS] Multiple Cells

Mikkel Kruse Johnsen mikkel@linet.dk
Mon, 07 Nov 2005 14:05:22 +0100 

--Boundary_(ID_q7ilVsUNU7Z+ls1Sgnxspg)
Content-type: text/plain
Content-transfer-encoding: 7BIT

Hi All

Great about the new release. Looks cool and works, just a few questions.

1. OpenAFS 1.4 should be capable of using MIT Kerberos V, When creating
the the keytab (for use with asetkey) I do "ktadd -e des-cbc-crc:v4
afs/linet.dk", when using aklog it fails if krb524d is not running. Is
that the way to create the keytab ? Should'nt I be able to use aklog
without krb524d running ?

2. I understand that OpenAFS is not able to manage multple cells,
because it don't include the cell name in the protocol (correct me if
i'm wrong). What would it take to make OpenAFS able to handle multiple
cells. ?

I would like to provide an AFS cell for my customers, so I need to have
more than one root.afs and also each cells must authenticate to each one
MIT Kerberos V REALM.

        /afs/linet.dk
        /afs/custum1.dk
        /afs/custom2.dk

Each cell has it's own vicepx partition and it's own user database and
authenticate to it's own REALM.

Could someone comment on this, please  ?


Kind regarts

Mikkel


--Boundary_(ID_q7ilVsUNU7Z+ls1Sgnxspg)
Content-type: text/html; charset=utf-8
Content-transfer-encoding: 7BIT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
  <META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
  <META NAME="GENERATOR" CONTENT="GtkHTML/3.8.1">
</HEAD>
<BODY>
Hi All<BR>
<BR>
Great about the new release. Looks cool and works, just a few questions.<BR>
<BR>
1. OpenAFS 1.4 should be capable of using MIT Kerberos V, When creating the the keytab (for use with asetkey) I do &quot;ktadd -e des-cbc-crc:v4 afs/linet.dk&quot;, when using aklog it fails if krb524d is not running. Is that the way to create the keytab ? Should'nt I be able to use aklog without krb524d running ?<BR>
<BR>
2. I understand that OpenAFS is not able to manage multple cells, because it don't include the cell name in the protocol (correct me if i'm wrong). What would it take to make OpenAFS able to handle multiple cells. ?<BR>
<BR>
I would like to provide an AFS cell for my customers, so I need to have more than one root.afs and also each cells must authenticate to each one MIT Kerberos V REALM.<BR>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /afs/linet.dk<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /afs/custum1.dk<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /afs/custom2.dk<BR>
<BR>
Each cell has it's own vicepx partition and it's own user database and authenticate to it's own REALM.<BR>
<BR>
Could someone comment on this, please&nbsp; ?<BR>
<BR>
<BR>
Kind regarts<BR>
<BR>
Mikkel<BR>
<BR>
</BODY>
</HTML>

--Boundary_(ID_q7ilVsUNU7Z+ls1Sgnxspg)--