Note that I still see cross-cell authentication working the same, so you would still have "system:authuser@foreign-realm" and pts users named "user@foreign-realm" which can be members of both PTS groups and ACLs.
-derek Derrick J Brashear <[EMAIL PROTECTED]> writes: > On Wed, 1 May 2002, Douglas E. Engert wrote: > > > AFS has done the authorization via the PTS. Will this continue to > > work the same way? > > For the moment. Something obviously needs to be done about it, but for > instance switching to LDAP would be dangerous for fileserver performance > reasons and because LDAP is not strictly a superset of PTS functionality. > > > Would you map foreign users to local users in the PTS? > > Would be nice to have the ability, it's certainly high on the list for a > next-generation version of the service. > > > Will foreign users be allowed on ACLs? > > In PTS groups, or on ACLs? They're not the same. > > > Do you still have the AFS ID? Do these need to be UUIDs? > > As long as you still have local users you're mapping to, there's no reason > it needs to change. It may be that it should, but it's not required. > > > _______________________________________________ > OpenAFS-info mailing list > [EMAIL PROTECTED] > https://lists.openafs.org/mailman/listinfo/openafs-info -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH [EMAIL PROTECTED] PGP key available _______________________________________________ OpenAFS-info mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-info
