Introduction to AFS IMSA Intersession 2003 An Overview of AFS Brian Sebby, IMSA ’96 Copyright 2003 by Brian Sebby, Copies of these slides.

Slides:



Advertisements
Similar presentations
CN2140 Server II (V2) Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+
Advertisements

Andrew File System CSS534 ZACH MA. History  Originated in October 1982, by the Information Technology Center (ITC) formed with Carnegie Mellon and IBM.
Andrew File System (AFS)
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
Other File Systems: AFS, Napster. 2 Recap NFS: –Server exposes one or more directories Client accesses them by mounting the directories –Stateless server.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 7: Advanced File System Management.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.
Chapter 4 Introduction to Active Directory and Account Management
Jeff Chheng Jun Du.  Distributed file system  Designed for scalability, security, and high availability  Descendant of version 2 of Andrew File System.
5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 7: Advanced File System Management.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
SubVersioN – the new Central Service at DESY by Marian Gawron.
A crash course in njit’s Afs
ADVANCED MICROSOFT ACTIVE DIRECTORY CONCEPTS
11 SHARING FILE SYSTEM RESOURCES Chapter 9. Chapter 9: SHARING FILE SYSTEM RESOURCES2 CHAPTER OVERVIEW Create and manage file system shares and work with.
Module 1: Installing Active Directory Domain Services
Lesson 17. Domains and Active Directory. Objectives At the end of this Presentation, you will be able to:
Course 6425A Module 9: Implementing an Active Directory Domain Services Maintenance Plan Presentation: 55 minutes Lab: 75 minutes This module helps students.
MS systems use one of the following: LanManager Hash (LM) LanManager Hash (LM) NT LanManager (NTLM) NT LanManager (NTLM) Cached passwords Cached passwords.
11 REVIEWING MICROSOFT ACTIVE DIRECTORY CONCEPTS Chapter 1.
1 SAMBA. 2 Module - SAMBA ♦ Overview The presence of diverse machines in the network environment is natural. So their interoperability is critical. This.
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 3: Introducing Active Directory.
Fundamentals of Networking Discovery 1, Chapter 2 Operating Systems.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 7: Advanced File System Management.
Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring, Managing, and Troubleshooting Resource Access.
Introduction to AFS IMSA Intersession 2003 Basic AFS User Commands Brian Sebby, IMSA ‘96 Copyright 2003 by Brian Sebby, Copies of these.
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 14 Windows XP Professional 1.
Chapter 9: Novell NetWare
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 7: Advanced File System Management.
Techy Information Anandha Gopalan September 13, 2006.
Managing User Accounts. Module 2 – Creating and Managing Users ♦ Overview ► One should log into a Linux system with a valid user name and password granted.
Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring, Managing, and Troubleshooting Resource Access.
Indiana University’s Research File System. What is the IU Research File System? /user1/user2 /collaboration User 1, on campus User 2, somewhere else BACKUP.
Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.
Designing Authentication for a Microsoft Windows 2000 Network Designing Authentication in a Microsoft Windows 2000 Network Designing Kerberos Authentication.
DFS & Active Directory Joshua Hedges |Brandon Maxfield | Robert Rivera | Will Zilch.
Object-Oriented Analysis & Design Subversion. Contents  Configuration management  The repository  Versioning  Tags  Branches  Subversion 2.
File System Management File system management encompasses the provision of a way to store your data in a computer, as well as a way for you to find and.
Module 7 Active Directory and Account Management.
10.1 Silberschatz, Galvin and Gagne ©2005 Operating System Principles 10.4 File System Mounting A file system must be mounted before it can be accessed.
Introduction to AFS IMSA Intersession 2003 AFS Servers and Clients Brian Sebby, IMSA ‘96 Copyright 2003 by Brian Sebby, Copies of these.
Module 3 Configuring File Access and Printers on Windows ® 7 Clients.
Introduction to AFS IMSA Intersession 2003 AFS Odds and Ends Brian Sebby, IMSA ‘96 Copyright 2003 by Brian Sebby, Copies of these slides.
Module 3 Configuring File Access and Printers on Windows 7 Clients.
NT SECURITY Introduction Security features of an operating system revolve around the principles of “Availability,” “Integrity,” and Confidentiality. For.
Chapter 10: Rights, User, and Group Administration.
Module 3: Configuring File Access and Printers on Windows 7 Clients
Module 1: Implementing Active Directory ® Domain Services.
AFS AFS general presentation Olivier Le Moigne IT/DIS/DFS 12/1/1999.
1 Network Information System (NIS). 2 Module – Network Information System (NIS) ♦ Overview This module focuses on configuring and managing Network Information.
OLE Slide No. 1 Object Linking and Embedding H OLE H definition H add other information to documents H copy.
Your friend, Bluestem. What is Bluestem? “Bluestem is a software system which enables one or more high-security SSL HTTP servers in a domain (entrusted.
Lecture 4 Mechanisms & Kernel for NOSs. Mechanisms for Network Operating Systems  Network operating systems provide three basic mechanisms that support.
1 Objectives Discuss File Services in Windows Server 2008 Install the Distributed File System in Windows Server 2008 Discuss and create shared file resources.
Lesson 18: Configuring Security for Mobile Devices MOAC : Configuring Windows 8.1.
Introduction to AFS IMSA Intersession 2003 Managing AFS Services Brian Sebby, IMSA ‘96 Copyright 2003 by Brian Sebby, Copies of these slides.
1 CEG 2400 Fall 2012 eDirectory – Directory Service.
LINUX Presented By Parvathy Subramanian. April 23, 2008LINUX, By Parvathy Subramanian2 Agenda ► Introduction ► Standard design for security systems ►
Active Directory Domain Services (AD DS). Identity and Access (IDA) – An IDA infrastructure should: Store information about users, groups, computers and.
1 Example security systems n Kerberos n Secure shell.
2Operating Systems  Program that runs on a computer  Manages hardware resources  Allows for execution of programs  Acts as an intermediary between.
Configuring File Services
Introduction to Operating Systems
IS3440 Linux Security Unit 4 Securing the Linux Filesystem
Transarc AFS Client for NT
IBM Tivoli Storage Manager
Presentation transcript:

Introduction to AFS IMSA Intersession 2003 An Overview of AFS Brian Sebby, IMSA ’96 Copyright 2003 by Brian Sebby, Copies of these slides are available at

A Brief History of AFS Started as research project at Carnegie-Mellon University in the 1980s. AFS group created Transarc Labs to develop AFS as a commercial product in the late 80s. Transarc Labs acquired by IBM in mid-90s. AFS source code released to open source community in November 2000, OpenAFS project begun. IBM/Transarc announces end-of-life of their commercial version of AFS in mid OpenAFS project continues, version released in December 2002.

Advantages of AFS AFS is a global file system that provides a single view of its file space on every computer that uses it. AFS is supported by several flavors of Unix, Windows, and Macintosh, making file sharing very easy. AFS uses Kerberos authentication for strong data protection. AFS allows replication of data across multiple machines to avoid data loss. AFS includes advanced access control and multiple ways of storing data (including read-write and read-only access.)

AFS Cells A collection of AFS servers and AFS clients that access that data at a particular site is called an AFS Cell. The cell is usually accessed through the directory /afs/ AFS servers include database servers, which store information about about files and volumes, file servers which serve the actual files, backup servers, and system update servers. This intersession will only focus on file and database servers. AFS clients are configured to access these servers to retrieve the data stored on them.

AFS Volumes Files are stored in AFS in logical units called volumes. Volumes can contain many subdirectories and files. Volumes are linked to each other through mount points that function like regular directories. There are three types of volumes: read-write, read- only, and backup volumes. Quotas in AFS are handled on a per-volume basis, and apply to every user of that volume.

More about volumes When a new volume is created, it is by default a read-write volume. All access to this volume is initially to the RW volume. If a volume is replicated, the replicas are all read-only volumes. Once the volume has been replicated, further accesses are through the read-only volumes. Mount points can be read-only or read-write. The only way to access a read-write volume is if its parent mount points are read-write volumes.

Even more about volumes When you access /afs/ / you normally will be accessing the read-only volume if one exists. It is common to create a read-write mount point at /afs/. to allow access to read-write volumes. Any access to a volume under this read-write mount point will be in read-write mode. Mount points do not contain info about the volume’s location, that is handled by the database server. A backup volume is a snapshot taken of a volume at a particular time. It cannot be modified. Backup volumes are used to provide quick access to older data (usually yesterday’s data) and for backing up the AFS file system.

Tokens and ACLs When a user authenticates to AFS, they are given a token that lets the servers know what privileges that user has. The AFS token is really a Kerberos v4 ticket. Kerberos v5 tickets can be converted to be used with AFS, but we will not be covering how to do so in this intersession. A user can have only one token per cell that they are authenticated to. A token can be associated either with a user’s UID or a protection unit called a PAG that is unique to a shell process. Access Control Lists (ACLs) are used to allow access to AFS data. Unlike normal Unix protection bits, ACLs are set on a directory basis and apply to every file in that directory.

AFS Servers AFS servers provide database and file server access. The database servers have four databases that they manage: the authentication, protection, volume location, and backup databases. The authentication database stores account passwords, and the server’s encryption key. The protection databases stores user names and UIDs, group names and GIDs, and group members. The volume location database stores the physical location and IDs of all volumes in the cell. The backup database stores the information about backups of the AFS data.

More about servers The file servers handle the physical access to AFS data. They store the volumes on their disks, and provide the data when requested. The file servers store an ACL for each directory in the file space, and verify that users have the authority to access the requested data based on the user’s token. Volumes are stored in “vice” partitions on fileservers that are mounted as /vicep. There are also system control servers and binary distribution servers which can distribute configuration and AFS binaries to other servers and clients, but we will not cover these.

AFS Clients AFS clients run a program called a cache manager to control their access of AFS data. The cache manager provides configuration information to tell the client where to look for its data, allows the user to authenticate to the AFS servers, and handles the communications with the file servers to access the actual data. Data fetched from the file servers is cached locally while the data is being used, and is written back to the AFS server when the data has been updated and written to disk.

Overview Conclusion More detailed information about servers and clients will come later. Several topics are being skipped or simplified to save time. Please look at the AFS documentation for more information. Documentation can be found on the local machine in /usr/share/doc/openafs or on the web at:

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.