[OpenAFS] Re: pts create cross realm users
Andrew Deason
adeason@sinenomine.net
Fri, 30 Jul 2010 10:06:30 -0500
On Thu, 29 Jul 2010 10:21:41 -0400
Jeffrey Altman <jaltman@secure-endpoints.com> wrote:
> It is roughly correct. The cell name is not transmitted as part of the
> RPC to the pt server but when the foreign cell group entry is
> constructed the name ends up exceeding the limit.
The ptserver doesn't allow user names to be longer than PR_MAXNAMELEN
minus the length of the local cell name, which I think is the check
that's failing... (CorrectUserName). This additional restriction is so
the user can be used as a foreign user name in another cell, though;
shouldn't we bypass that check for foreign users? We're not ever going
to need to create a
asdfasdfa@student.uni-goettingen.de@informatik.uni-goettingen.de, right?
--
Andrew Deason
adeason@sinenomine.net