Neulinger, Nathan wrote:
You just need to remember to update kadm5.acl if you decide to use a
different name (assuming you're using mit k5), as the default install of
that I believe gives krb db admin rights for all princs to */admin.
------------------------------------------------------------
Nathan Neulinger EMail: [EMAIL PROTECTED]
University of Missouri - Rolla Phone: (573) 341-6679
UMR Information Technology Fax: (573) 341-4216
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Russ Allbery
Sent: Wednesday, October 12, 2005 12:30 PM
To: [email protected]
Subject: Re: [OpenAFS] service principal question
Jiann-Ming Su <[EMAIL PROTECTED]> writes:
So the principal for the cell admin user should be
"some_user/[EMAIL PROTECTED]" for the same
reason? Or, can
the admin user be "[EMAIL PROTECTED]"?
This one doesn't matter; you can call the admin principal anything you
want. The /admin bit is just a convention.
--
Russ Allbery ([EMAIL PROTECTED])
<http://www.eyrie.org/~eagle/>
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
For my 2 cents I would say its a pretty good convention to hang on to ..
I would rather my admins had to remember to add the /admin to their
principal when doing admin work. I'd rather have a little inconvience
than a large headache.
/sd
--
Steve Devine
Storage Systems
Academic Computing & Network Services
Michigan State University
506 Computer Center
East Lansing, MI 48824-1042
1-517-432-7327
Baseball is ninety percent mental; the other half is physical.
- Yogi Berra
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
