Introduction to AFS IMSA Intersession 2003 Managing AFS Services Brian Sebby, IMSA ‘96 Copyright 2003 by Brian Sebby, Copies of these slides.

Slides:



Advertisements
Similar presentations
AD User Import From SIMS.NET
Advertisements

Unit 5 – User Administration Randy Marchany VA Tech Computing Center.
Linux Users and Groups Management
Forms Authentication, Users, Roles, Membership Ventsislav Popov Crossroad Ltd.
Basic Unix system administration
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Lesson 17: Configuring Security Policies
Unauthorized Reproduction Prohibited SkyPoint Alarm Integration Add-On Using OnGuard Alarms to create events in SkyPoint Also called ‘SkyPoint V0’ CR4400.
Introduction to MySQL Administration.  Server startup and shutdown ◦ How to manually start and stop it from the command line ◦ How to arrange an automated.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
2000 Copyrights, Danielle S. Lahmani UNIX Tools G , Fall 2000 Danielle S. Lahmani Lecture 12.
Object-Oriented Enterprise Application Development Tomcat 3.2 Configuration Last Updated: 03/30/2001.
Chapter 2 Accessing Your System and the Common Desktop Environment.
6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
User Accounts and Permissions Chapter IV / Part II.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.
70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.
Advanced Databases Basic Database Administration Guide to Oracle 10g 1.
CCNA 2 v3.1 Module 2.
Linux+ Guide to Linux Certification, Second Edition
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
NovaBACKUP 10 xSP Technical Training By: Nathan Fouarge
Chapter 5 File and Printer Services
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.
Introduction to AFS IMSA Intersession 2003 Basic AFS User Commands Brian Sebby, IMSA ‘96 Copyright 2003 by Brian Sebby, Copies of these.
Forms Authentication, Users, Roles, Membership Svetlin Nakov Telerik Corporation
MARC 10.5 Update John Harvey. MARC 10.5 Changes  Backup Scripts restructured  Added a script to generate scripts outside of MARC  Generate Scripts.
Guide to Linux Installation and Administration, 2e1 Chapter 8 Basic Administration Tasks.
Module 10: Configuring Windows XP Professional to Operate in Microsoft Networks.
Unix System Administration Rootly Powers Chapter 3.
Managing User Accounts. Module 2 – Creating and Managing Users ♦ Overview ► One should log into a Linux system with a valid user name and password granted.
Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set.
DIT314 ~ Client Operating System & Administration CHAPTER 5 MANAGING USER ACCOUNTS AND GROUPS Prepared By : Suraya Alias.
ITN Wake Tech1 ITN270 Advanced Internet Databases Lecture 15. General MySQL Administration Topics: –Securing a New MySQL Installation –MySQL Server.
Active Directory Administration Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Creating Users, Computers, and Groups Automate creation.
Write-through Cache System Policies discussion and A introduction to the system.
Users Greg Porter V1.0, 26 Jan 09. What is a user? Users “own” files and directories Permission based on “ownership” Every user has a User ID (UID) 
Introduction to AFS IMSA Intersession 2003 AFS Servers and Clients Brian Sebby, IMSA ‘96 Copyright 2003 by Brian Sebby, Copies of these.
Managing Users  Each system has two kinds of users:  Superuser (root)  Regular user  Each user has his own username, password, and permissions that.
Managing SX.e and TWL with MARC and Scripts Jeremiah Curtis
Introduction to AFS IMSA Intersession 2003 AFS Odds and Ends Brian Sebby, IMSA ‘96 Copyright 2003 by Brian Sebby, Copies of these slides.
Chapter 10: Rights, User, and Group Administration.
Introduction to System Admin Sirak Kaewjamnong. 2 The system administration’s job  Adding a new user  Doing backup and restoring files from backups.
AFS AFS general presentation Olivier Le Moigne IT/DIS/DFS 12/1/1999.
Apache, MySQL and PHP Installation and Configuration Chapter 2 MySQL Installation and Configuration.
Administering Groups Chapter Eight. Exam Objectives In this Chapter:  Plan a security group hierarchy based upon delegation requirements  Plan a security.
© 2006 ITT Educational Services Inc. Linux Operating System :: Unit 3 :: Slide 1 Downloading and Installing Software yum pirut Bit Torrent rmp.
1 Objectives Discuss File Services in Windows Server 2008 Install the Distributed File System in Windows Server 2008 Discuss and create shared file resources.
CSC414 “Introduction to UNIX/ Linux” Lecture 6. Schedule 1. Introduction to Unix/ Linux 2. Kernel Structure and Device Drivers. 3. System and Storage.
SUSE Linux Enterprise Desktop Administration Chapter 9 Manage Users, Groups, and Permissions.
Introduction to AFS IMSA Intersession 2003 An Overview of AFS Brian Sebby, IMSA ’96 Copyright 2003 by Brian Sebby, Copies of these slides.
Basic UNIX system administration CS 2204 Class meeting 14 *Notes by Doug Bowman and other members of the CS faculty at Virginia Tech. Copyright
Quick Reference Guide The Multi-Vendor Backup Manager allows you to manage backup software settings on multiple agents in one place for Acronis, AppAssure,
Chapter 9 Lecture 4. NetWare Novell’s network operating system Biggest competitor – Microsoft Windows.
Business Objects XIr2 Windows NT Authentication Single Sign-on 18 August 2006.
Agenda Customizing a Unix/Linux account Environment Introduction to Start-up Files (.bash_profile,.bashrc,.profile,.kshrc) Safe Methods for Changing Start-up.
LAN Switching Virtual LANs. Virtual LAN Concepts A LAN includes all devices in the same broadcast domain. A broadcast domain includes the set of all LAN-connected.
Chapter 5 : Designing Windows Server-Level Security Processes
Is 221: Database Administration
Active Directory Administration
Chapter 2 User Management
Adding New Users, Storage, File System
IS3440 Linux Security Unit 4 Securing the Linux Filesystem
OPS235 Lab4: Investigations 5 – 9
LINUX SYSTEM ADMINISTRATION
Adding New Users.
Presentation transcript:

Introduction to AFS IMSA Intersession 2003 Managing AFS Services Brian Sebby, IMSA ‘96 Copyright 2003 by Brian Sebby, Copies of these slides are available at

Creating bos jobs The bosserver process controls the various AFS servers, and can also manage other processes. As noted before, jobs can be of the type simple, fs, or cron. Simple jobs use a single command, fs joins multiple commands together, and cron jobs are ones that run at a particular time. The bos create command creates new jobs. To create simple jobs, use: bos create simple For instance, to create an instance of a process called “imsaserver”: bos create machine1 imsaserver simple /usr/afs/bin/imsaserver

Creating bos jobs, continued To create fs jobs, use: bos create fs You will only usually use fs types for file server processes, as shown in the documentation. To create cron jobs, use: bos create cron For instance, to run a cron job called “backupafs” to run at midnight, you would type: bos create machine1 backupafs cron “/usr/bin/vos backup root.afs -localauth” 0:00 Note that cron jobs usually need to use the –localauth flag, since they are being run as root on the AFS servers without a token. Also note that each server has a separate bosserver configuration stored in the BosConfig file, and most servers will have a different set of bos jobs.

More about bos To get the status of the various bos jobs, use the bos status command. The –long switch will give you more information about your jobs. You can control the status of processes normally by using the bos subcommands restart, shutdown, startup, stop, and start. The restart command restarts specified processes (or all of them if the –all flag is given.) The shutdown command shuts down the processes. The startup command will start processes after they have been shutdown. The stop command will permanently stop a process. The start command will start a process that has been sent the shutdown or stop commands.

An aside about command options Many of the AFS server commands will require additional options for use. Using the –noauth flag with the AFS server processes and administration commands will use them without using authentication. You normally only use this when creating a new cell and in extreme emergencies. Using the –localauth flag when root on an AFS server will allow you to perform administrative tasks on the files and databases on that server without authenticating. Processes will use the key in the local KeyFile to authenticate to the servers. This is normally used with AFS cron jobs to allow them to run without having to authenticate manually. For most kas commands, you must use the –admin command to tell kas to use your admin account for authentication. By default, kas will use your local username, which often is the same as your non-admin AFS account, even if you have an administrator token.

Server encryption keys The encryption keys for a server are stored in the /usr/afs/etc/KeyFile file. You can list the checksums of the keys by issuing the bos listkeys command. (You must be a member of the UserList to run this.) You can examine the current key’s checksum in the authentication database by using the kas examine command on the “afs” entry. (You must have the ADMIN flag set to do this.) Changing the server key is a two-part process. First, you must issue the bos addkey command with a version number 1 higher than the one given by listkeys. Then you will set a new password for the key. Then, you must do a kas setpasswd for the “afs” entity with the same version number you set in addkey. Finally, check the checksums of both entries to ensure that they match.

Three types of Superuser access There are three types of AFS superuser access. The first type allows you to modify the authentication database and issue any kas commands. To have this, your account must have the ADMIN field set in the authentication database. You can do this by using the kas setfields command: kas setfields ADMIN The second type allows you to execute any fs or pts commands. To do this, you must be in the group systems:administrators. To be in the list, execute the pts adduser command: pts adduser system:administrators The final type allows you to run vos, bos, and backup commands on the server. To do this, you must be in the server’s UserList file. To add yourself to the list, execute the bos adduser command. Note that this must be run for each database or file server: bos adduser

Creating a new AFS account You can create a new AFS account using the uss command suite, but you need to have a template set up first to do this. Please read the documentation for uss to learn how to use that method. Creating an account by hand is a three-step process. First, create an entry in the authentication database by using the kas create command. You will be prompted to enter the user’s initial password. Next, create an entry in the protection database by using the pts createuser command. You will normally want to match the UID to the user’s Unix UID. Finally, create a home directory volume, and mount it in the proper place. Generally, home directory volumes are prepended with “user” or “home” and end with the user’s login name, such as “user.bob”. If you are creating an administrator account, be sure to add the correct superuser permissions.

Conclusion – Additional Commands There are a few more administrative commands in the various command suites, but you normally do not need to use them. In the bos suite, you will find subcommands to change the time the server restarts, run commands on servers, etc. In the fs suite, you will find commands to modify the behavior of the cache manager, such as flushing the cache and verifying volume mappings. In the pts suite you will find commands to create users and groups, and modify entries to add fields, change the group quota, etc. In the vos suite you can modify the names of file servers, create backup volumes en masse, find information about partitions, etc. In the kas suite you can change ticket lifetimes, add fields to users, lock their accounts, etc. Please see the information given by the “ help ” subcommands or read the AFS Administrator’s Guide in the AFS documentation collection at

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.