[BBLISA] Chucking samba

[Tom Fitzgerald]

> So I was thinking of ditching Samba for AFS.

Being at MIT of course I'm biased, but I like AFS.  The most common gotchas
seem to be:

- It's a total pain to set up.  Getting the first client to talk to the first
server results in 60% of the pain you will suffer overall.

- A small amount of carelessness ("Ooh, did I want 'vos zap' or 'vos delentry'
there?") can cause vast amounts of damage.

- Problems can be tough to track down (this is no different from AD/SMB/Samba,
but don't expect anything better).

- AFS semantics confuse many applications so you need to do extra work to
comfort them.  They get unhappy when file mode bits don't match the access
they actually have, and what happens when they can't write files due to
quota issues.

- AFS clients behind NATs have historically not worked well - most of the
problems have been fixed, but only very recently so subtle problems
might still exist.  (On the other hand most ISPs block SMB completely.)

- Windows flavors below "Professional" ("Starter", "Home", "Media Center")
do not work well, and 64-bit versions of Windows require extra effort.

- AFS interacts badly with some security packages like Norton Internet
Security.

On the other hand, big advantages of AFS (other than the sophisticated yet
useful ACLs which you mention) are performance over slow links and the
ability to move volumes between servers without interrupting access, and
you don't mention them at all.  If they aren't important to you then your
time might be better spent figuring out what's wrong with the samba setup
than building a whole new AFS infrastructure.

These days, I use AFS for almost everything.  I keep Samba shares for things
that need to be accessed from strange PCs that don't have OpenAFS installed
or that I don't want to type my Kerberos password into, that's it.