[OpenAFS] Two realms and one cell
Thu, 03 Jul 2014 13:59:59 +0200 (CEST)
> A little question. We have one AFS cell myrealm.fr and a Kerberos
> realm myrealm.fr. We must use our AFS cell with a another realm named
> otherrealm.fr. There is no trusted relations between myrealm.fr and
> otherrealm.fr. Is it possible ?
If you don't trust otherrealm.fr enough to establish cross-realm, you
probably don't trust otherrealm.fr enough to give them a set of AFS
service keys for your servers.
Then users from otherrealm.fr must have firstname.lastname@example.org or any
other realm you trust.