Thanks for the response! On Thu, Mar 11, 2010 at 3:21 PM, Dean Anderson <[email protected]> wrote: > Kerberos realm should be the same across all servers. Think of kerberos > realm as windows domain (which after all, it actually is) If you mean Microsoft, I have nothing to do with them so that reference (thank you by the way) doesn't help. :)
> Its like that movie: 'There can be only one' realm (and its backups) Ok, you get five geek points for sneaking a Highlander reference into the thread! :) > Cross-realm authentication is something to avoid with afs. There is no point; I'm not 100% sure I get it. Sorry for being dense. :( Let me ask it this way. Is there a way to set up a system to be an AFS *client* and not a server? How is it that I can, after logging in, authenticate from inside one realm to, say UCSD, and AFS mount a user specific file space to my machine? (Under the 'assumption' that they make it available.) I guess the other way of asking it is is how do you let "normal" users in without authenticating to the local system but still be able to gain access to remote AFS volumes? (Yes, I'm reading as much as I can as fast as I can to try and figure it all out.) And thank you to everyone for allowing me to use up some of this bandwidth. _______________________________________________ bblisa mailing list [email protected] http://www.bblisa.org/mailman/listinfo/bblisa
