[OpenAFS] Administrators with a slash

Ciprian Dorin Craciun ciprian.craciun@gmail.com
Sun, 3 Mar 2019 23:30:41 +0200

On Tue, Jan 10, 2012 at 3:20 PM Bobb Crosbie
<bobb.crosbie@cremeglobal.com> wrote:
> I now recall reading about the slash -> dot remapping in the docs, but I had forgotten about it.
> I think perhaps the tools might have done a better job of indicating that there was a problem, and what it might be ?
> If slashes are remapped to dots, then perhaps ``pts createuser'' should issue a warning message if you try to create a user with a slash ?
> As it stands (1.4.12 & 1.6.0), pts happily creates the user with the slash and also includes it in the list of entries.

Sorry for reviving such an old thread, but I've just wasted about 4
hours randomly trying things out in order to get OpenAFS (1.8.0) with
Kerberos to actually work...  And fortunately (?!) I've managed to
find the solution through this random process;  thus I've searched the
mailing lists to see if anyone had the same issue...

Perhaps the OpenAFS Quick Start UNIX chapters touching the Kerberos
integration (http://docs.openafs.org/QuickStartUnix/HDRWQ53.html)
should clearly state this issue with principals containing dots and
using at the same time instances (i.e. slashes)...

Moreover as Bobb observed almost 10 years ago, none of the OpenAFS
tools (not even in 1.8.0) give any hint about what is happening, not
in the logs, nor on stderr...

Moreover it's still unclear to me if in `pts createuser` I should use
the `username.admin` or `username/admin` variants?  (It lets me do
both, but I think only the former actually works.)  Could someone tell
me the "correct" syntax for OpenAFS usernames?