Hi all,
We're doing some Big Thinking about where to head with our
architechture, and a major issue for me is whether to transition from
straight AFS to AFS + krb5 or to move over to DCE/DFS. So, I have a
few questions:
I have seen DCE/DFS referred to on this list as a "monstrosity" or
something similar. Can anyone share with me reasons for staying away
from it? The main advantages I can see in DFS over AFS are better
(IMHO) ACLs, and scheduled 'vos release's.
Second, how painful is a migration from straight AFS to AFS+krb5?
Third, is there any merit to my boss's very abstract idea that an
"integrated security environment" such as DCE/DFS fills in cracks
better than AFS+krb5? My personal feeling is that krb5 itself is
quite integrated and solid, and AFS is built with kerberos in mind.
But, I'm wondering if some of you could back me up with more
information or tell me I'm wrong and why.
Thanks in advance,
Wangden
--
Kelsang Wangden (Buddhist monk) Technical Manager
Social Science Research Computing, University of Chicago
[EMAIL PROTECTED] (773) 702-3792
PGP key: http://www.src.uchicago.edu/~wngdn/key.txt
