billbaird3 wrote:
Thanks for explaining all of this, I have been reading documentation...but some things just aren't very clear.It appears that you can store heimdal in ldap and there is documentation available for settings that up. I have been doing a lot of reading and plan on setting up a test server in the near future. One question I have is about a network layout. To minimize changes in each office...I would like to have our main data center have a network that all VPN users (which is everyone, all the time) connect to...say 10.0.0.0/24. The branch office openafs servers would then have a local ip (192.168.0.0/24 networks) as well as a VPN IP (10.0.0.0/24). Is it possible to do this and have the clients pick the closest server? For example...list our Los Angeles server in the CellDB with a local address and a vpn address giving the local address priority...so only people in that office can connect? Any other user would default to the vpn address.
The AFS Servers should have IP addresses that are visible to all officesso that you have redundancy. You can control the priority of servers for each office using "server preferences".
fs setserverpref
smime.p7s
Description: S/MIME Cryptographic Signature
