In message <[EMAIL PROTECTED]>, terry mccoy writes: >I think you should have used the -localauth option on the bos commands. I would have accept the install instructions explicitly say to use the -noauth. Go figure... >This raises several serious security concerns when you run bos without >authorization checking enabled. I took special precautions to make sure that I was the only one with an account on the server so hopefully most of the security issues were avoided, but do I also open myself to remote admininstration this way? I assumed it was something akin to krb5's `kadmin.local` program where anyone with super user access to the server could control the bosserver, but is this not the case? >Should not be creating volumes without authorization hence use the -localauth >option if you want to continue to create volumes as root from a file server. > >There are other (better) ways of doing this particular task. > > >At this point I think your in a little over your head with respect to >setting up a solid AFS cell, yes the standard Transarc AFS documentation >sucks (big time). :)~ I was afraid that was the case: thanks for your help, and I will make sure to check out the book. I keep looking on transarc's web page for their published documents, and really cannot find the administrator's guide. The closest thing I was found was Amdinistrative procedures (http://www.transarc.com/Support/afs/admin.html), which doesn't appear right. Does anyone have a url to the actual admin guide, or is this something that I have to purchase, or something that came with the Licence ( I am using afs on a campus wide site licence, so I don't have any of the original materials). Thanks for the help so far! - Rob
