Coda File System

Re: authenticaion on non scm servers?

From: Jan Harkes <jaharkes_at_cs.cmu.edu>
Date: Thu, 21 Sep 2000 11:21:59 -0400
On Thu, Sep 21, 2000 at 09:45:32AM -0500, Corey R. Halpin wrote:
>   Am I configured incorrectly, or can only the scm issue tokens?
>   If this is the case, why?  It doesn't make a lot of sense to me.  I had 
> thought that the point of multiple servers was to distribute load, increased 
> redundancy and such.  If the scm is the only server in the whole 
> conglomeration who can give auth tokens, well, I'm mystified.

Every server that runs the auth2 daemon can issue tokens. The required
datebases with user and password information as well as the shared
secret to encode the tokens are distributed amongst the servers using
the updateclnt/updatesrv daemons.

The SCM has the only read-write copy of those databases, so only the SCM
can add new users or handle password changes.

Similarily every server can server volume location information and can
be a `root-server'.

Jan
Received on 2000-09-21 11:24:10