[OpenAFS] Re: OpenAFS and AD trusts

[Russ Allbery]

Jeffrey Altman <jaltman@secure-endpoints.com> writes:

> What you want to accomplish is fine but all of your users will be
> foreign identities in the AFS Protection database.

>   john@iu.edu
>   jane@school1.edu
>   jack@school2.edu

> etc and you need to add groups for foreign realms
> (system:authuser@FOREIGN.REALM) for each realm that you want to accept
> users from.

Ah, yes, that's right, that works too.

-- 
Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>