Hi,

We are looking into options to setup a file server for our MAC OS X clients. We may eventually want to access the server from Linux and Windows clients.

We plan on using a Linux file server.

I was looking at my options, and it looks like AFS is the best file sharing protocol (compared to NFS, SMB, and a few others). In fact, from what I have seen, AFS looks spectacular.

Before we make our decision, I have a few questions:

1. Why isn't AFS more well known? I have looked through various forums and various linux sites, and AFS seems to be rarely used.

2. What are some problems/limitations/cons of AFS?

3. Can my AFS servers use Active Directory for user authentication?

4. Can I have multiple authentication servers? I read that the files get replicated to other file servers, but what about the authentication server?

5. Is there a way for file to inherit parent folder's permission like in Windows? So if a user creates a new file, it will inherit the permissions of the parent so other users can access/modify the file (assuming they have access to the folder)?

6. Does the replication replicate every file to every file server? Or does it only replicate specific files to specific servers? If I have 3 file servers, will there therefore be 3 copies of each file or 2? How do I set that?

7. How does the replication do its thing? Does it send the entire file to the other server as soon as the file is modified? Or does it send only the changes of the file? Does it only send changes on a scheduled basis?

8. How does the replication prevent 2 users from changing one file at the same time?

9. Can the windows client use single-sign-on? Or will the users be prompted for their username and password?


Forgive me if any of these questions are included in the AFS documentation. I went through the documentation rather quickly and was quite overwhelved.

Can anyone refer me to some good tutorials and other EASY introduction documentation on it?

Thanks.

Quote from wikipedia:
The existing user base includes small single server cells as well as large multinational deployments spanning academia, private research laboratories, government, and commercial entities. A small snapshot of the deployed AFS cells can be found by reviewing the contents of the CellServDB file distributed with OpenAFS.

I think it is not more well known because it is a larger system than what most people want to administer, and it is not flashy. Also, it used to be much more difficult to get the software for it (before its open source release from transarc).

It is big, scary, complicated, and typically involves modification of all systems using it (new software, kernel modules, etc...). It does not work like a standard posix filesystem. FIFOs are not supported. AFS ACLs are directory based, and different from standard unix permissions - I think they are better, but some people might get confused.

I have used AFS with a Heimdal KDC (it was easy and worked well). For msad, you might try:
http://www.openafs.org/pipermail/ope...er/019249.html

If you use the built in KAserver(s), it is supposed to handle most everything for you. If you use heimdal or mit KDCs, you can do master/slave replication, but I don't think either one is yet master/master capable. If you really want the multimaster, you could set it up yourself, or maybe use macos:
http://www.afp548.com/article.php?st...60724104018616

Permissions (ACLs) are directory based, and directories inherit from the parent when created. Of course they can be cahnged after creation.

Replication is manually setup and is volume based. Volumes are ReadWrite (RW) or ReadOnly (RO) and RO volumes have an associated RW volume. If you want multiple RO volumes (on multiple servers and/or partitions), you can easily set that up.

The RO volumes are updated on command.

One RW copy. Other than that, I think it is like a unix FS - and file locking is supported, IIRC.

I believe it should be able to do SSO, if you have all the bits setup correctly.


I think you would find the FAQ enlightening.
http://www.dementia.org/twiki/bin/vi...AskedQuestions

I hope this information is useful. Please ask if there are areas that I did not sufficiently explain.