The differences between AFS and the UNIX file system imply that a complete AFS user account is not the same as a UNIX user account. The following list describes the components of an AFS account. The same information appears in a corresponding section of Creating and Deleting User Accounts with the uss Command Suite, but is repeated here for your convenience.
A Protection Database entry defines the username (the name provided when authenticating with AFS), and maps it to an AFS user ID (AFS UID), a number that the AFS servers use internally when referencing users. The Protection Database also tracks the groups to which the user belongs. For details, see Administering the Protection Database.
An Authentication Database entry records the user's AFS password in a scrambled form suitable for use as an encryption key.
A home volume stores all the files in the user's home directory together on a single partition of a file server machine. The volume has an associated quota that limits its size. For a complete discussion of volumes, see Managing Volumes.
A mount point makes the contents of the user's volume visible and accessible in the AFS filespace, and acts as the user's home directory. For more details about mount points, see About Mounting Volumes.
Full access permissions on the home directory's access control list (ACL) and ownership of the directory (as displayed by the UNIX ls -ld command) enable the user to manage his or her files. For details on AFS file protection, see Managing Access Control Lists.
A local password file entry (in the /etc/passwd file or equivalent) of each AFS client machine enables the user to log in and access AFS files through the Cache Manager. A subsequent section in this chapter further discusses local password file entries.
Other optional configuration files make the account more convenient to use. Such files help the user log in and log out more easily, receive electronic mail, print, and so on.