Garrett D'Amore writes:
> It is possible to achieve what you want with ADM. It requires writing
> some scheme code. This is what we currently use at QUALCOMM. I have
> some problems with this approach (I'm the only one at our site that
> knows scheme!), and I will be producing a C based solution using a
> database of permissions in the not-too-distant future. We may decide
> to release my work to the AFS community, but no guarantees just yet.
>
I was thinking of doing the same thing. We use sysctl at Stanford, which
is much easier to use/setup then ADM, but is also overkill for the
basic "I want to allow certain people to create/move/release volumes"
type of question. A trivial kerberized server could easily grab
an admin token and only allow authorized people to do certain things...
roland
