Fwd: [OpenAFS] Manually Creating Cross Realm Users
Sat, 16 Jun 2012 09:16:55 -0400
Yes, something can be added. Anyone is welcome to update the manuals and
admin guide and may do so. Would you like someone to walk you through
the process of updating the manual?
On 06/16/2012 05:17 AM, Jayen Ashar wrote:
> Yes, I found that after reading Simon's email. Just reading the man
> page, though, it wouldn't have been clear to me that this is what I
> wanted. Could a line be added to the man page similar to what Simon
> "When multiple Kerberos5 realms authenticate to the same AFS cell, all
> local and foreign realms in krb.conf are equivalent, so sxw@LOCAL and
> sxw@FOREIGN would both map to the pts user sxw."
> Could something also be added to
> http://docs.openafs.org/AdminGuide/ch02s03.html#HDRWQ40 (Granting and
> Denying Foreign Users Access to Your Cell)?
> P.S. Apologies if this is a duplicate. I have reason to believe the
> university's mail server dropped my previous reply.
> On Thu, 14 Jun 2012, Jason Edgecombe wrote:
>> I don't think so. It's documented in the krb.conf man page, though.
>> On 06/14/2012 07:16 AM, Jayen Ashar wrote:
>>> Yes, that works wonderfully! Thanks for that. Is this mentioned in
>>> the Admin Guide somewhere? I couldn't find it.
>>> On Thu, Jun 14, 2012 at 9:04 PM, Simon Wilkinson
>>> <email@example.com> wrote:
>>>> On 14 Jun 2012, at 11:45, Jayen Ashar <firstname.lastname@example.org> wrote:
>>>>> Is there any chance this has changed in the last 9 years?
>>>> The details of how cross-realm users are created hasn't changed,
>>>> However, I don't think this is applicable to your situation. What you should do is list both your local and foreign realms in krb.conf. This tells AFS that the two realms are equivalent, so sxw@LOCAL and sxw@FOREIGN would both map to the pts user sxw.
> OpenAFS-info mailing list