[8554] in Info-AFS_Redistribution
Re: afs pts schema?
daemon@ATHENA.MIT.EDU (Douglas E. Engert)
Wed Mar 14 09:03:36 2001
Message-ID: <3AAF7934.98232B5B@anl.gov>
Date: Wed, 14 Mar 2001 07:59:16 -0600
From: "Douglas E. Engert" <deengert@anl.gov>
MIME-Version: 1.0
To: Leif Johansson <leifj@it.su.se>
CC: info-afs@transarc.com, openafs-info@openafs.org, tf-lsd@terena.nl,
linux-ldap@rage.net, Donna Skibbie <donnas@us.ibm.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
IBM is proposing something similiar for Kerberos 5:
Kerberos KDC LDAP Schema
draft-skibbie-krb-kdc-ldap-schema-01.txt
"Donna Skibbie" <donnas@us.ibm.com>
This missed the cutoff for IETF draft submisions, but Dona Skibbie will
be talking for 10 minutes at the krb-wg next week.
Leif Johansson wrote:
>
> Warning. This mail contains material that may be inappropriate for =
>
> orthodox AFS users :-)
>
> Has anyone thought to drop pts into ldap? The semantics of pts groups =
>
> should not be that different from groupOfUniqueNames so the schema =
>
> additions should be relatively minor(?) One implementation scenario is to=
> =
>
> drop the pts client altoghether and just keep the pts server as a =
>
> protocol translator into ldap (authenticating to the directory server =
>
> as afs@REALM over GSSAPI perhaps) and do all user and group admin in =
>
> the directory server. I guess DCE must have a schema that kinda does
> this but that may not be appropriate for afs.... Comments?
>
> Cheers Leif
>
> -----------------------------------------------------------------
> Leif Johansson Phone: +46 8 164541 =
>
> IT- and media services
> Stockholm University email: leifj@it.su.se =
>
> <This space is left blank for quotational and disclamatory purposes.>
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444