Since 1.3.77:
+ * OpenAFS for Windows has failed to work at sites which are
+ utilizing a cross-realm trust between an MIT/Heimdal realm
+ and a multi-domain Windows forest when the workstation being
+ accessed is not located in the root domain. This is caused
+ by a bug in the workstation which was triggered after the
+ introduction of Windows 2003 Server. When the bug is triggered,
+ the workstation attempts to authenticate users to afsd_service.exe
+ by contacting the Domain Controller instead of using the
+ LSA loopback authentication mechanism.
+
+ One of the reasons this bug occurs is because the workstation
+ does not have a reliable way of knowing that the service whose
+ netbios name is "AFS" is located on the workstation. This will
+ be fixed starting in Longhorn Beta 1 by Microsoft. The
+ "BackConnectionHostNames" registry value will be used to
+ indicate that the authentications to that service name should
+ be performed using the loopback authentication mechanism.
+
+ In the meantime, when Logon Caching is enabled, we can force
+ afsd_service.exe to authenticate using the logon cache before
+ contacting the Domain Controller. This will work with both
+ password and smart card based logons.
+
* The allDown logic in cm_ConnByMServers() was wrong. The allDown
flag should not be cleared if a volume's server reference is
marked as "offline". In the case where all of the volume's
-OpenAFS for Windows 1.3.78 Installation Notes
+OpenAFS for Windows 1.3.80 Installation Notes
---------------------------------------------
The OpenAFS for Windows product was very poorly maintained throughout the
only the supported characters for the locale.
+31. As of 1.3.80 the AFS Cache file is stored by default at %TEMP%\AFSCache
+in a persistent file marked with the Hidden and System attributes. The
+persistent nature of the data stored in the cache file improves the
+performance of OpenAFS by reducing the number of times data must be read
+from the AFS file servers.
+
+
+32. Integrated Login (as of 1.3.80) supports the ability to obtain tokens
+for multiple cells. See the "TheseCells" value in registry.txt.
+
+
+33. New command line tool:
+
+ afsdacl : Set or reset the DACL to allow starting or stopping
+ the afsd service by any ordinary user.
+
+ Usage : afsdacl [-set | -reset] [-show]
+ -set : Sets the DACL
+ -reset : Reset the DACL
+ -show : Show current DACL (SDSF)
+
+34. As of 1.3.80, the default @sys name list has been changed to
+"x86_win32 i386_w2k i386_nt40" for 32-bit x86 systems. The default
+for itanium will be "ia64_win64" and "amd64_win64" for amd 64-bit
+processors.
+
+
+35. As of 1.3.80, symlinks to \\AFS[\all]\... will now be treated
+the same as symlinks to /afs/... However, please use /afs/... as
+the Windows UNC form will not work on Unix.
+
+
+36. As of 1.3.80, OpenAFS for Windows implements the Cache Manager
+Debugging RPC Interface. The CM debugger can be queried with
+cmdebug.exe.
+
+Usage: cmdebug -servers <server machine> [-port <IP port>] [-long]
+ [-addrs] [-cache] [-help]
+Where: -long print all info
+ -addrs print only host interfaces
+ -cache print only cache configuration
+
+37. If you are a site which utilizes MIT/Heimdal Kerberos principals
+to logon to Windows via a cross-realm relationship with a multi-domain
+Windows forest, you must enable Windows logon caching unless the
+workstation is Longhorn Beta 1 or later.
------------------------------------------------------------------------
projects / packages / o / openafs.git / commitdiff