From 6c2b0c118b83cdc2e2a462ced827ef29eae40683 Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Sat, 8 Nov 2008 00:06:39 +0000 Subject: [PATCH] DEVEL15-windows-release-notes-20081107 LICENSE MIT notes for 1.5.55 --- .../en_US/html/ReleaseNotes/logo.htm | 2 +- .../html/ReleaseNotes/relnotes-frames.htm | 6 +- .../en_US/html/ReleaseNotes/relnotes.htm | 3020 ++++++----- .../en_US/html/ReleaseNotes/toc.htm | 4593 ++++++++--------- .../Documentation/en_US/html/index.htm | 4 +- 5 files changed, 3687 insertions(+), 3938 deletions(-) diff --git a/src/WINNT/doc/install/Documentation/en_US/html/ReleaseNotes/logo.htm b/src/WINNT/doc/install/Documentation/en_US/html/ReleaseNotes/logo.htm index f2368ebe2..0da9d1d9d 100644 --- a/src/WINNT/doc/install/Documentation/en_US/html/ReleaseNotes/logo.htm +++ b/src/WINNT/doc/install/Documentation/en_US/html/ReleaseNotes/logo.htm @@ -18,7 +18,7 @@ w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);} -OpenAFS for Windows 1.5.54 Release Notes +OpenAFS for Windows 1.5.55 Release Notes -OpenAFS for Windows 1.5.54 Release Notes +OpenAFS for Windows 1.5.55 Release Notes - + netidmgr_main

+src="relnotes_files/image002.jpg" alt="netidmgr_main" v:shapes="Picture_x0020_1">

The Network Identity Manager replaces the former KFW ticket manager, Leash”, and when combined with the OpenAFS Provider, it is intended to @@ -1778,7 +1820,7 @@ style='mso-no-proof:yes'>netidmgr_afs_opt

+src="relnotes_files/image004.jpg" alt="netidmgr_afs_opt" v:shapes="Picture_x0020_2">

The AFS configuration panel for each Kerberos v5 identity is used to configure which cells credentials should be obtained for and how they @@ -1793,7 +1835,7 @@ style='mso-no-proof:yes'>netidmgr_afs_cfg

+src="relnotes_files/image006.jpg" alt="netidmgr_afs_cfg" v:shapes="Picture_x0020_3">

The OpenAFS Provider configuration panel can be used to check the status of the AFS Client Service and its version.   A shortcut to the OpenAFS Control Panel is also provided.

-

3.2. Use of the Microsoft Loopback Adapter -by the AFS Client Service

+

3.3. +Use of the Microsoft Loopback Adapter by the AFS Client Service

By itself the OpenAFS Client Service does not provide robust behavior in a plug-n-play network environment.  Changes to the number of @@ -1865,14 +1908,15 @@ no longer required to be unique.  Instead the NETBIOS name associated with the AFS Client Service is simply "AFS" and portable UNC paths of the form \\AFS\cellname\path can now be used on all machines.

-

3.3. Using Freelance (Dynamic Root) Mode to -Improve Mobility

+

3.4. +Using Freelance (Dynamic Root) Mode to Improve Mobility

Traditionally, when the OpenAFS Client Service starts it must be able to access the "root.afs" volume of the default @@ -1902,20 +1946,23 @@ mount point will be a regular path.  These mount points are preserved in the registry at key:

HKLM\SOFTWARE\OpenAFS\Client\FreelanceHKLM\SOFTWARE\OpenAFS\Client\Freelance

+style='mso-bookmark:_Toc206421249'>

Additional mount points may be manually created using the "fs mkmount" command.  Mount points may be removed using the "fs rmmount" command.

-

>fs mkmount \\AFS\athena.mit.edu -root.cell athena.mit.edu

+

>fs mkmount +\\AFS\athena.mit.edu root.cell athena.mit.edu

>fs mkmount \\AFS\.athena.mit.edu root.cell athena.mit.edu -rw

@@ -1943,36 +1990,42 @@ symlink to 'athena.mit.edu\user\j\a\jaltman'

The symlinks are stored in the registry at:

HKLM\SOFTWARE\OpenAFS\Client\Freelance\SymlinksHKLM\SOFTWARE\OpenAFS\Client\Freelance\Symlinks 

- -

3.4. Locating AFS Volume Database Servers -via DNS

+style='mso-bookmark:_Toc206421250'> 

+ +

3.5. +Locating AFS Volume Database Servers via DNS +

The OpenAFS for Windows client will use DNS AFSDB records to discover the location of AFS Volume Database servers when entries for the cell are not present in the client's CellServDB file (\%PROGRAMFILES%\OpenAFS\Client\CellServDB).

-

3.5. Obtaining AFS Tokens as a Integrated -Part of Windows Logon

+

3.6. +Obtaining AFS Tokens as a Integrated Part of Windows Logon

OpenAFS for Windows installs a WinLogon Network Provider to provide Single Sign-On functionality (aka Integrated Logon.)  Integrated @@ -2003,8 +2056,8 @@ text-decoration:none;text-underline:none'>Use524 registry value.

Integrated Logon will not transfer Kerberos v5 tickets into -the user’s logon session credential cache. KFW 3.1 and above provides that functionality -on its own.

+the user’s logon session credential cache. KFW 3.1 and above provides that +functionality on its own.

Integrated Logon does not have the ability to cache the user's username and password for the purpose of obtaining tokens if the @@ -2027,13 +2080,15 @@ keys for the Network Provider.

-

3.6. AFS System Tray Command Line Options

+

3.7. +AFS System Tray Command Line Options

The AFS System Tray Tool (afscreds.exe) has been deprecated in favor of Network Identity Manager.Appendix A.

-

3.7. The “AFS Client Admins” Authorization -Group

+

3.8. +The “AFS Client Admins” Authorization Group

The OpenAFS for Windows client supports a local Windows authorization group named "AFS Client Admins".  This group is @@ -2162,8 +2218,8 @@ font-family:"Times New Roman","serif"'>       -

The initial membership of the "AFS Client Admins" group -when created by the installer is equivalent to the local +

The initial membership of the "AFS Client Admins" +group when created by the installer is equivalent to the local "Administrators" group.  If a user is added to the "Administrators" group after the creation of the "AFS Client Admin" group, that user will not be an AFS Client Administrator.  @@ -2177,13 +2233,15 @@ style='font-size:14.0pt;mso-fareast-font-family:"MS Mincho";text-decoration: none;text-underline:none'>registry and not via "fs sysname".

-

3.8. OpenAFS support for UNC paths +

3.9. +OpenAFS support for UNC paths

The OpenAFS client supports UNC paths everywhere.  UNC @@ -2212,13 +2270,15 @@ color:#365F91;mso-themecolor:accent1;mso-themeshade:191;text-decoration:none; text-underline:none'>http://www.jpsoft.com.

-

3.9. aklog.exe

+

3.10. +aklog.exe

The OpenAFS Client ships with its own version of aklog.exe which should be used in preference to those obtained by other sources.  @@ -2257,14 +2317,15 @@ Kerberos IV tickets

   -m = use krb524d to convert Kerberos V tickets to Kerberos IV

-

3.10. OpenAFS Servers on Windows are -Unsupported

+

3.11. +OpenAFS Servers on Windows are Unsupported

The AFS Server functionality provided as part of the OpenAFS install package might work but should be considered highly experimental.  @@ -2275,10 +2336,11 @@ lost should not be stored in an OpenAFS Server on Windows.

and dynamic network configuration.  Salvager is also known to crash.

-

3.10.1. OpenAFS Server Installation

+

3.11.1. +OpenAFS Server Installation

When the OpenAFS Server is installed, the TransarcAFSServer service (bosctlsvc.exe) will be installed and configured.  Instead, Active Directory or some other Kerberos v5 KDC should be used in its place.

-

3.10.2. Using the AFS Client Service when the Server is -installed

+

3.11.2. +Using the AFS Client Service when the Server is installed

A few notes on the usage of the AFS Client Service if it is going to be used with the OpenAFS AFS Server:

@@ -2336,13 +2398,15 @@ strongly advised that the AFS servers be installed only on systems that will not be shutdown or suspended unexpectedly.   An inadvertent shutdown will corrupt volume data.

-

3.11. OpenAFS Debugging Symbol files

+

3.12. +OpenAFS Debugging Symbol files

The OpenAFS for Windows installers include Debugging Symbol files which should be installed if you are experiencing problems and need to @@ -2363,8 +2427,9 @@ or not the debug symbols are installed by default (release: no, debug: yes)

·       whether -or not fs trace logging is turned on by -default (release: no, debug: yes)

+or not fs trace logging is turned on +by default (release: no, debug: yes)

·       -

3.12. Large File (64-bit) Support

+

3.13. +Large File (64-bit) Support

As of release 1.5.3, OpenAFS for Windows supports files larger than 2GB.  The maximum file size is now 16777216 terabytes when the AFS File Server supports large files.   If the AFS File Server does not support 64-bit file sizes, then the maximum file size remains 2GB.

-

3.13. Encrypted AFS Network Communication

+

3.14. +Encrypted AFS Network Communication

The OpenAFS for Windows installer by default activates a weak form of encrypted data transfer between the AFS client and the AFS @@ -2400,14 +2469,15 @@ Encrypted data transfer can be turned on or off with the Transitions between “crypt” and “non-crypt” modes are logged to the Windows Application Event Log.

-

3.14. Authenticated Access to the OpenAFS -Client Service

+

3.15. +Authenticated Access to the OpenAFS Client Service

OpenAFS authenticates SMB connections using either NTLM or GSS SPNEGO (NTLM).  In previous versions of OpenAFS, the SMB connections @@ -2426,13 +2496,15 @@ will be used that does not require access to the user's password.  Instead, Windows will internally recognize the request as coming from a local logon session.

-

3.15. No More INI Files

+

3.16. +No More INI Files

Previous AFS clients for Windows stored configuration data in Windows .INI files.   The OpenAFS client does not use Windows .INI @@ -2454,14 +2526,15 @@ the new CellServDB file.  OpenAFS will also import the contents of the “afs_freelance.ini” file to the Windows registry.   OpenAFS will not process the contents of the “afsddbmt.ini”.

-

3.16. Microsoft Windows Internet Connection -Firewall

+

3.17. +Microsoft Windows Internet Connection Firewall

The OpenAFS Client is compatible with the Internet Connection Firewall that debuted with Windows XP SP2 and Windows 2003 @@ -2471,29 +2544,31 @@ In addition, the appropriate Back Connection registry entries are added to allow SMB authentication to be performed across the Microsoft Loopback Adapter.

-

3.17. Browsing AFS from the Explorer Shell -and Office

+

3.18. +Browsing AFS from the Explorer Shell and Office

The OpenAFS Client Service implements the CIFS Remote Admin Protocol which allows Explorer to browse server and share information. This significantly enhances the interoperability of AFS volumes within the Explorer Shell and Microsoft Office applications.

-

3.18. Byte Range -Locking

+

3.19. +Byte Range Locking

Many applications on Windows (e.g. Microsoft Office) require the use of byte range locks applied to a file either to protect against @@ -2543,8 +2618,8 @@ inconvenience on end users. 

shared lock, the CIFS-AFS server will grant the lock request without asking the AFS file server.
  • If the - file is located on a read-only volume and the application opens the file - with write access and requests an exclusive lock, the CIFS-AFS server will + file is located on a read-only volume and the application opens the file with + write access and requests an exclusive lock, the CIFS-AFS server will refuse the lock request and return a read only error.
  • If the file is located on a read-only volume and the application opens the file @@ -2565,8 +2640,8 @@ inconvenience on end users. 

    the request.
  • If the file is located on a read-write volume and the application requests a - shared lock, the CIFS-AFS server will request a read lock from the AFS - file server.  If granted by the file server, then the CIFS-AFS server + shared lock, the CIFS-AFS server will request a read lock from the AFS file + server.  If granted by the file server, then the CIFS-AFS server grants the lock request.  If the request is denied due to an access denied error and the user has the lookup and read privileges but not the lock privilege, then the CIFS-AFS server will grant the request even @@ -2590,14 +2665,15 @@ href="#_Value:_EnableServerLocks">EnableServerLocks registry value.

    -

    3.19. Automatic Discarding of AFS Tokens at -Logoff

    +

    3.20. +Automatic Discarding of AFS Tokens at Logoff

    The OpenAFS Client will automatically forget a user's tokens upon Logoff unless the user's profile was loaded from an AFS volume.  In @@ -2615,13 +2691,15 @@ can be used. (see Appendix A.)

    -

    3.20. Windows Terminal Server installations

    +

    3.21. +Windows Terminal Server installations

    When installing the NSIS (.exe) installer under Terminal Server, you must execute it from within the Add/Remove Programs Control @@ -2629,13 +2707,15 @@ Panel.  Failure to do so will result in AFS not running properly.  The AFS Server should not be installed on a machine with Terminal Server installed.

    -

    3.21. Hidden Dot Files

    +

    3.22. +Hidden Dot Files

    AFS is a UNIX native file system.  The OpenAFS client attempts to treat the files stored in AFS as they would be on UNIX.  File @@ -2646,23 +2726,25 @@ href="#_Value:_HideDotFiles">HideDotFiles registry value.

    -

    3.22. Status Cache Limits

    +

    3.23. +Status Cache Limits

    The Status Cache (AFS Configuration Control Panel: Advanced Page) is defined to have a maximum number of entries.  Each entry -represents a single file or directory entry accessed within the AFS file -system.  When the maximum number of entries are allocated, entries will -begin to be reused according to a least recently used (LRU) algorithm.  If -the number of files or directories being accessed repeatedly by your -applications is greater then the maximum number of entries, your host will -begin to experience thrashing of the Status Cache and all requests will result -in network operations.

    +represents a single file or directory entry accessed within the AFS file system.  +When the maximum number of entries are allocated, entries will begin to be +reused according to a least recently used (LRU) algorithm.  If the number +of files or directories being accessed repeatedly by your applications is +greater then the maximum number of entries, your host will begin to experience +thrashing of the Status Cache and all requests will result in network +operations.

    If you are experiencing poor performance try increasing the maximum number of Status Cache entries.  Each entry requires approximately @@ -2672,28 +2754,32 @@ href="#_Value:_Stats">Stats registry value.

    -

    3.23. NETBIOS over TCP/IP must be enabled

    - -

    "Netbios over TCP/IP" must be active on the -machine in order for communication with the AFS Client Service to -succeed.  If "Netbios over TCP/IP" is disabled on the machine, -then communication with the AFS Client Service will be impossible.  If you are using the Microsoft Loopback -Adapter, configure the “Netbios over TCP/IP” setting for the adapter.

    - -

    3.24. OpenAFS binaries are digitally signed

    +

    3.24. +NETBIOS over TCP/IP must be enabled

    + +

    "Netbios over TCP/IP" must be active on the machine +in order for communication with the AFS Client Service to succeed.  If +"Netbios over TCP/IP" is disabled on the machine, then communication +with the AFS Client Service will be impossible.  +If you are using the Microsoft Loopback Adapter, configure the “Netbios +over TCP/IP” setting for the adapter.

    + +

    3.25. +OpenAFS binaries are digitally signed

    The OpenAFS Client Service and related binaries distributed by OpenAFS.org are digitally signed by "Secure Endpoints Inc.".  @@ -2706,53 +2792,66 @@ wasted tracking down problems caused by the mixture of files from different releases. 

    Appendix AAppendix A -documents the "VerifyServiceSignature" +style='mso-bookmark:_Toc206421274'> documents the +"VerifyServiceSignature" registry value which can be used to disable the signature check.  The file version check cannot be disabled.

    -

    3.25. Maximum Size of the AFSCache File

    +

    3.26. +Maximum Size of the AFSCache File

    The maximum cache size on 32-bit Windows is approximately 1.3GB.  This is the largest contiguous block of memory in the 2GB process address space which can be used for constructing a memory mapped file.  -Due to fragmentation of the process space caused by the loading of libraries required -by the digital signature verification code, any attempt to specify a cache size -greater then 700MB will result in the automatic disabling of the signature -check.  Significantly larger cache sizes -can be used on 64-bit Windows.

    - -

    3.26. Filename Character Sets

    +Due to fragmentation of the process space caused by the loading of libraries +required by the digital signature verification code, any attempt to specify a +cache size greater then 700MB will result in the automatic disabling of the +signature check.  Significantly larger +cache sizes can be used on 64-bit Windows.

    + +

    3.27. +Filename Character Sets

    + +

    This section describes functionality +and concerns related to pre-1.5.50 releases of OpenAFS for Windows.   This release stores all file names on the +file servers as Unicode encoded using UTF-8.

    OpenAFS for Windows implements an SMB server which is used as a gateway to the AFS filesystem.  Because of limitations of the SMB -implementation in pre-1.5.50 releases, Windows stored all files into AFS using OEM code pages such as -CP437 (United States) or CP850 (Western Europe).  These code pages are -incompatible with the ISO Latin-1 or Unicode (UTF-8) character sets typically used as the default -on UNIX systems in both the United States -and Western Europe.  Filenames stored by -OpenAFS for Windows were therefore unreadable on UNIX systems if they include -any of the following characters:

    +implementation in pre-1.5.50 releases, Windows stored all files into AFS using +OEM code pages such as CP437 (United States) or CP850 (Western Europe).  +These code pages are incompatible with the ISO Latin-1 or Unicode (UTF-8) +character sets typically used as the default on UNIX systems in both the United States and Western + Europe.  Filenames stored by OpenAFS for Windows were +therefore unreadable on UNIX systems if they include any of the following +characters:

    @@ -2806,8 +2905,8 @@ any of the following characters:

         [ò]  149  09/05  225  95  o grave

         - [û]  150  - 09/06  226  96  u circumflex

    + [û]  150  09/06  + 226  96  u circumflex

         [ù]  151  09/07  227  97  u grave

         @@ -2835,51 +2934,60 @@ any of the following characters:

     

    -

    The pre-1.5.50 OpenAFS Client provided an optional registry value, The pre-1.5.50 OpenAFS Client provided an optional registry +value, StoreAnsiFilenames, that could be -set to instruct OpenAFS to store filenames using the ANSI Code Page instead of -the OEM Code Page.  The ANSI Code Page is a compatible superset of +none;text-underline:none'>StoreAnsiFilenames, that could +be set to instruct OpenAFS to store filenames using the ANSI Code Page instead +of the OEM Code Page.  The ANSI Code Page is a compatible superset of Latin-1.  This setting is not the default setting because making this change would prevent OpenAFS for Windows from being able to access filenames containing the above characters which were created without this setting.

    -

    -All versions of OpenAFS for Windows 1.5.50 and above exchange file names with -Microsoft Windows using the Unicode character set. All file names are read from -and stored to AFS file servers using the UTF-8 encoding of Unicode. As a result -the StoreAnsiFilenames option is no -longer supported. -

    - -

    3.27. Known Character Set Issues with -Roaming Profiles

    +

    All versions of OpenAFS for Windows 1.5.50 and above +exchange file names with Microsoft Windows using the Unicode character set. All +file names are read from and stored to AFS file servers using the UTF-8 +encoding of Unicode. As a result the StoreAnsiFilenames +option is no longer supported.

    + +

    3.28. +Character Set Issues with Roaming Profiles

    + +

    This section describes functionality +and concerns related to pre-1.5.50 releases of OpenAFS for Windows.   This release stores all file names on the +file servers as Unicode encoded using UTF-8.

    There is a known issue with storing Windows Roaming Profiles when the profile contains either directories or files with names which cannot be represented in the local OEM character set.  In this case, attempts to write the profile back to AFS will fail during the character set -conversion.  The OpenAFS Client’s CIFS gateway does not support +conversion.  The pre-1.5.50 OpenAFS Client’s CIFS gateway did not support UNICODE.  To avoid this problem some sites run custom logoff scripts (assigned by group policy) which rename all files to use only the supported characters for the locale.

    -

    3.28. The AFSCache File

    +

    Versions of OpenAFS for Windows 1.5.50 and above do not +suffer from these issues.

    + +

    3.29. +The AFSCache File

    The AFS Cache file is stored by default at %TEMP%\AFSCache in a persistent file marked with the Hidden and System attributes.  The @@ -2888,21 +2996,22 @@ of OpenAFS by reducing the number of times data must be read from the AFS file servers. 

    The performance of the AFS Client Service is significantly -affected by the access times associated with the AFSCache paging -file.   When given the choice, the AFSCache file should be placed on -a fast disk, preferably NTFS, the file should not be compressed and should -consist of as few fragments as possible.   Significant performance -gains can be achieved by defragmenting the AFSCache file with Sysinternal's -Contig utility while the AFS Client Service is stopped.

    - -

    3.29. Restricting OpenAFS Client Service -Start and Stop

    +affected by the access times associated with the AFSCache paging file.   +When given the choice, the AFSCache file should be placed on a fast disk, +preferably NTFS, the file should not be compressed and should consist of as few +fragments as possible.   Significant performance gains can be +achieved by defragmenting the AFSCache file with SysInternal's Contig utility +while the AFS Client Service is stopped.

    + +

    3.30. +Restricting OpenAFS Client Service Start and Stop

    A new command line tool, afsdacl.exe, can be used to restrict the ability to start and stop the OpenAFS Client Service.

    @@ -2927,37 +3036,43 @@ afsd service by any ordinary user.

              -show  : Show current DACL (SDSF)

    -

    3.30. The @sys Name List

    +

    3.31. +The @sys Name List

    The default @sys name list in the OpenAFS Client is set to "x86_win32 i386_w2k i386_nt40" for 32-bit x86 systems.  The default is "amd64_win64" for amd 64-bit versions of Windows.

    -

    3.31. Symlinks to AFS UNC paths

    +

    3.32. +Symlinks to AFS UNC paths

    In OpenAFS, symlinks to AFS UNC paths, \\AFS[\all]\..., are -treated the same as symlinks to /afs/...  However, please use /afs/... as the -Windows UNC form will not work on UNIX client.

    - -

    3.32. Cache Manager Debugging

    +treated the same as symlinks to /afs/...  However, please use /afs/... as +the Windows UNC form will not work on UNIX client.

    + +

    3.33. +Cache Manager Debugging

    The OpenAFS Client implements the Cache Manager Debugging RPC Interface.  The CM debugger can be queried with cmdebug.exe. entries with positive reference counts

           --callbacks   print only cache entries -with callbacks

    +-callbacks   print only cache +entries with callbacks

           -ctime       print human readable expiration time

           --addrs       print only host -interfaces

    +-addrs       print only host interfaces

           -cache       print only cache @@ -2996,27 +3110,30 @@ configuration

    -cellservdb  print only cellservdb info

    -

    3.33. Windows Logon Caching vs. Kerberos -Logons

    +

    3.34. +Windows Logon Caching vs. Kerberos Logons

    If you are a site which utilizes MIT/Heimdal Kerberos principals to logon to Windows via a cross-realm relationship with a multi-domain Windows forest, you must enable Windows logon caching unless the workstation is Windows Vista.

    -

    3.34. Initial Server Preferences

    +

    3.35. +Initial Server Preferences

    VLDB and File Server Preferences can now be provided initial values using registry keys.  This is useful for managed machines in a @@ -3028,13 +3145,16 @@ none;text-underline:none'>Appendix A for details on the style='font-size:14.0pt;mso-fareast-font-family:"MS Mincho";text-decoration: none;text-underline:none'>Server Preferences" keys.

    -

    3.35. File Timestamps

    +

    3.36. +File Timestamps and Daylight +Saving Time

    The OpenAFS Client reports timestamps on files stored in AFS in UTC all year round.  In locales with daylight savings time, previous @@ -3054,54 +3174,58 @@ are used to being able to compare the timestamp in an UNIX shell with the timestamp from the Windows explorer.  During DST, these two times will no longer agree even though they are in fact representing the same moment in time.

    -

    3.36. Windows RPC client support must be -installed

    +

    3.37. +Windows RPC client support must be installed +

    If the installer refuses to install and complains about an RPC configuration error, check to ensure that the following registry entries are present and that they refer to the dll "rpcrt4.dll":

    -

       HKLM "SOFTWARE\Microsoft\RPC\ClientProtocols" -"ncacn_np"

    +

       HKLM +"SOFTWARE\Microsoft\RPC\ClientProtocols" "ncacn_np"

       HKLM "SOFTWARE\Microsoft\RPC\ClientProtocols" "ncacn_ip_tcp"

    -

       HKLM -"SOFTWARE\Microsoft\RPC\ClientProtocols" "ncadg_ip_udp"

    +

       HKLM "SOFTWARE\Microsoft\RPC\ClientProtocols" +"ncadg_ip_udp"

       HKLM "SOFTWARE\Microsoft\RPC\ClientProtocols" "ncacn_http"

    -

    3.37. Generating Minidumps of the OpenAFS -Client Service

    +

    3.38. +Generating Minidumps of the OpenAFS Client Service

    OpenAFS 1.4 added a new command, "fs -minidump".  This command can be used at any time to generate a mini -dump file containing the current stack of the afsd_service.exe -process.   This output can be very helpful when debugging the AFS -Client Service when it is unresponsive to SMB/CIFS requests.

    - -

    3.38. AFS Client Universally Unique -Identifiers (UUIDs) vs. System Cloning

    +minidump".  This command can be used at any time to generate a mini dump +file containing the current stack of the afsd_service.exe process.   +This output can be very helpful when debugging the AFS Client Service when it +is unresponsive to SMB/CIFS requests.

    + +

    3.39. +AFS Client Universally Unique Identifiers (UUIDs) vs. System Cloning

    The OpenAFS Client implements Universally Unique Identifiers (UUIDs).  They are used to provide the AFS file server with a method of @@ -3118,9 +3242,10 @@ it is necessary to generate a new UUID for each client. This will be done automatically if the Windows Machine SID is re-generated using Microsoft SysPrep. If the SID is not being re-generated either the AFSCache file should be deleted or the command fs uuid -generate must be executed after the -the clone is created. Multiple AFS clients reporting the same UUID will not -only result in horrible AFS client performance and cache inconsistencies, but -they will also put a tremendous strain on the AFS file servers.

    +the clone is created. Multiple AFS clients reporting +the same UUID will not only result in horrible AFS client performance and cache +inconsistencies, but they will also put a tremendous strain on the AFS file +servers.

    For lab environments that wish to erase all cached data on each restart, the installer by performing an administrative install via msiexec.exe /a.

    -

    3.39. -Delayed Write Errors with Microsoft Office Applications

    +

    3.40. Delayed Write Errors with Microsoft +Office Applications

    Microsoft Office makes heavy use of asynchronous input/output methods for reading and writing to file streams.  This can result in hundreds of requests being simultaneously queued for service by the CIFS client with a fixed timeout period.  As the AFS CIFS server is local -to the machine the Windows CIFS client believes that it can respond almost -instantaneously to write requests as the actual writing to the AFS file server -is performed by a background daemon thread.  When the actual network -bandwidth to the AFS file server is slow and the file size is large it is -possible for the CIFS client to time out the connection.  When this -happens a “delayed write error” will be reported to the user and the -application may crash.  The only workaround at the current time is to save -first to a local disk and subsequently copy the file to AFS as copying a file -with the explorer shell does not use asynchronous i/o.

    +to the machine the Windows CIFS client believes that it can respond almost instantaneously +to write requests as the actual writing to the AFS file server is performed by +a background daemon thread.  When the actual network bandwidth to the AFS +file server is slow and the file size is large it is possible for the CIFS +client to time out the connection.  When this happens a “delayed write +error” will be reported to the user and the application may crash.  The +only workaround at the current time is to save first to a local disk and +subsequently copy the file to AFS as copying a file with the explorer shell +does not use asynchronous i/o.

    The CIFS session timeout defaults to 45 seconds and can be increased by modifying the now defaults to 32KB and is configurable using the SMBAsyncStoreSize registry value.  Asynchronous store operations can also be -disabled using the SMBAsyncStoreSize registry +value.  Asynchronous store operations can +also be disabled using the EnableSMBAsyncStore registry value in which case all writes received by the cache manager block until the Rx StoreData operation completes.

    -

    3.40. -Global Drives (aka 3.41. Global Drives (aka Service - Drive Letters) are no longer supported by -Microsoft

    +Microsoft

    The Global DriveAuto-mount feature has been deprecated due to the following Microsoft KB article.

    http://msdn.microsoft.com/library/en-us/dllproc/base/services_and_redirected_drives.asphttp://msdn.microsoft.com/library/en-us/dllproc/base/services_and_redirected_drives.asp

    +style='mso-bookmark:_Toc206421291'>

    It says that services mounting drive letters are no longer supported by Microsoft and may act unpredictably.  The experience other @@ -3229,12 +3362,13 @@ re-established until the machine is rebooted.

    applications should be modified to use of \\AFS\<cellname>\<path> instead of drive letters.

    -

    3.41. -64-bit Microsoft Windows Installations

    +

    3.42. 64-bit Microsoft Windows Installations

    Although 64-bit Windows platforms support both 64-bit and 32-bit applications, the OpenAFS Service installed on the machine must be @@ -3249,15 +3383,17 @@ for Windows can be used with the 32-bit OpenAFS Tools to manage AFS tokens.

    Without this restriction the AFS Cache File can become arbitrarily large limited only by available disk space.

    -

    3.42. -Known Issues with Microsoft Windows Vista

    +

    3.43. Known Issues with Microsoft Windows Vista

    OpenAFS for Windows works with Microsoft Windows Vista from both the command prompt and the Explorer Shell.  When a Vista user account that is a member of the “Administrators” group is used to access -the AFS Control Panel (afs_config.exe), the process must be “Run as Administrator”.   Otherwise, attempts to modify the OpenAFS -configuration will appear to succeed but in reality will have failed due to Vista’s system file and registry virtualization feature.

    +the AFS Control Panel (afs_config.exe), the process must be “Run as +Administrator”.   Otherwise, attempts to +modify the OpenAFS configuration will appear to succeed but in reality will +have failed due to Vista’s system file and +registry virtualization feature.

    The help files provided with OpenAFS are in .HLP format. Windows Vista does not include a help engine for this format.

    -

    3.43. New AFS Share Name Syntax Provides -Direct Access to Volumes

    +

    3.44. New AFS Share Name Syntax Provides Direct Access to +Volumes

    Starting with the 1.5.21 release of OpenAFS for Windows, the following syntax can be used to @@ -3338,11 +3477,12 @@ style='mso-tab-count:1'>

                \\AFS\athena.mit.edu# 537235559\

    -

    3.44. Differences between Windows and UNIX -“fs examine”

    +

    3.45. Differences between Windows and UNIX “fs examine”

    The OpenAFS for Windows version of “fs examine” provide two additional lines of output when @@ -3363,43 +3503,103 @@ style='mso-bookmark:_Toc115416145'>Volume is online

    3.45. Literal evaluation of AFS objects via -fs commands

    +style='mso-bookmark:_Toc115416145'>3.46. Literal evaluation of AFS objects via fs commands

    Beginning with the 1.5.31 release, the fs commands examine, flush, whereis, and whichcell -provide a new command-line parameter, -literal.  When specified, if the evaluated object is a -symlink or a mountpoint the resulting output will describe the specified object -and not the object that is the target of the symlink or mountpoint.

    +provide a new command-line parameter, -literal. + When specified, if the evaluated object +is a symlink or a mountpoint the resulting output will describe the specified +object and not the object that is the target of the symlink or mountpoint.

    3.46. Out of Quota errors

    +style='mso-bookmark:_Toc115416145'>3.47. Out of Quota errors

    Prior to the 1.5.31 release, out of quota -errors were reported to the calling application as an out of space error.  As of 1.5.31, an out of space error will +errors were reported to the calling application as an out of space error.  As of 1.5.31, an out of space error will indicate that the partition on which the volume is located is in fact out of space.  Whereas an out of quota error indicates that the user does not have permission to allocate additional space.

    +

    3.48. Linked Cells

    + +

    The 1.5.55 release adds support for linked +cells as implemented in the Unix OpenAFS client.  When two cells are linked, a volume lookup in +one cell that fails is retried in the linked cell.  This functionality can be used to implement:

    + +

    ·         +a test cell which provides substitutes for a +subset of the volumes in the linked production cell

    + +

    ·         +a cell renaming

    + +

    ·         +a cell splitting

    + +

    ·         +a cell merger

    + +

    Two cells are linked in the CellServDB file:

    + +

    >cell-one      cell-two       #Description

    +>cell-two      cell-one       #Description

    + +

    aklog and Network Identity Manager will +automatically obtain tokens for the linked cell when tokens for the other cell +is specified.

    +

    4. How to Debug Problems with OpenAFS for -Windows

    +style='mso-bookmark:_Toc115416145'>4. +How to Debug Problems with OpenAFS for Windows

    OpenAFS for Windows provides a wide range of tools to assist you in debugging @@ -3407,21 +3607,26 @@ problems.  The techniques available to you are varied because of the wide range of issues that have been discovered over the years.

    4.1. pioctl debugging (4.1. +pioctl debugging (IoctlDebugIoctlDebug -registry key)

    +registry key)

    pioctl (path-based ioctl) calls are used by various tools to communicate with the AFS @@ -3500,12 +3705,13 @@ be used as a reference to help you determine the configuration probem with your system.

    4.2. afsd_service initialization log -(%WinDir%\TEMP\afsd_init.log)

    +name="_Toc213847206">4.2. +afsd_service initialization log (%WinDir%\TEMP\afsd_init.log)

    Every time the AFS Client Service starts it appends data about its progress and @@ -3514,8 +3720,9 @@ determining why the service cannot start when there are problems.  When the process terminates due to a panic condition it will write to this file the source code file and line number of the error.  In many cases the panic condition is due to a misconfiguration of the machine.  In other cases it -might be due to a programming error in the software.  A quick review of the -location in the source code will quickly reveal the reason for the termination.

    +might be due to a programming error in the software.  A quick review of +the location in the source code will quickly reveal the reason for the +termination.

    The

    4.3. afsd_service debug logs (fs trace {-on, --off, -dump} ->%WinDir%\TEMP\afsd.log)

    +name="_Toc213847207">4.3. +afsd_service debug logs (fs trace {-on, -off, -dump} +->%WinDir%\TEMP\afsd.log)

    When attempting to debug the behavior of the SMB/CIFS Server and the Cache Manager @@ -3555,12 +3764,13 @@ Execute "fs trace -on" to clear to the log and "fs trace -dump" to output the contents of the log to the file.

    4.4. Using SysInternal’s Debug Viewer, -Process Monitor and Process Explorer Tools

    +name="_Toc213847208">4.4. +Using SysInternal’s Debug Viewer, Process Monitor and Process Explorer Tools

    An alternatve option to the use of "fs trace -dump" to capture internal @@ -3596,9 +3806,9 @@ can be use to monitor the file operations requested by applications and their success or failure.  

    In -Process Monitor, set a filter to include only events on file paths that refer to -the AFS name space. Be sure to include both the UNC path as well as any drive -letters mapped to AFS.

    +Process Monitor, set a filter to include only events on file paths that refer +to the AFS name space. Be sure to include both the UNC path as well as any +drive letters mapped to AFS.

    Turn on the Clock Time and Show Milliseconds options in both tools to @@ -3625,11 +3835,12 @@ Hint: If there is a deadlock in the cache manager, two or more of the threads will be stuck in a call to osi_TWait().

    4.5. -Microsoft MiniDumps
    -(fs minidump -> %WinDir%\TEMP\afsd.dmp)

    +name="_Toc213847209">4.5. Microsoft MiniDumps
    +(fs minidump -> %WinDir%\TEMP\afsd.dmp)

    If the AFS Client Service become unresponsive to any form of communication there @@ -3654,12 +3865,13 @@ will include all of the data stored within the cache.  If there are privacy concerns, do not produce a MiniDump with heap.

    4.6. Single Sign-on (Integrated Logon) -debugging

    +name="_Toc213847210">4.6. +Single Sign-on (Integrated Logon) debugging

    If you are having trouble with the Integrated Logon operations it is often useful @@ -3680,11 +3892,13 @@ information to the Windows Event Log: Application under the name Logon".

    4.7. RX (AFS RPC) debugging (rxdebug)

    +name="_Toc213847211">4.7. +RX (AFS RPC) debugging (rxdebug)

    The rxdebug.exe tool can be used to query a variety of information about the AFS @@ -3736,11 +3950,13 @@ conns

    -peers           show peers

    4.8. Cache Manager debugging (cmdebug)

    +name="_Toc213847212">4.8. +Cache Manager debugging (cmdebug)

    The cmdebug.exe tool can be used to query the state of the AFS Cache Manager on a @@ -3783,11 +3999,13 @@ style='mso-spacerun:yes'> style='mso-spacerun:yes'>  print only cellservdb info

    4.9. Persistent Cache consistency check

    +name="_Toc213847213">4.9. +Persistent Cache consistency check

    The persistent cache is stored in a Hidden System file at @@ -3799,10 +4017,11 @@ on the file can be performed.

    afsd_service.exe --validate-cache <cache-path>

    4.10. -Token Acquisition Debugging

    +name="_Toc213847214">4.10. Token Acquisition Debugging

    If you are having trouble obtaining tokens with the Network Identity Manager AFS @@ -3815,12 +4034,14 @@ style='mso-bidi-font-style:normal'> diagnosing Kerberos v5 related problems.

    5. Reporting Bugs

    +name="_Toc213847215">5. +Reporting Bugs

    Bug reports should be sent to openafs-bugs@openafs.org.  Please include as much information as possible about the issue.  If you are reporting a crash, please install the debugging symbols by re-running the -installer.  If a dump file is available for the problem, -%WINDIR%\TEMP\afsd.dmp, include it along with the AFS Client Trace file  +installer.  If a dump file is available for the problem, %WINDIR%\TEMP\afsd.dmp, +include it along with the AFS Client Trace file  %WINDIR%\TEMP\afsd.log.  The AFS Client startup log is %WINDIR%\TEMP\afsd_init.log.  Send the last continuous block of  log information from this file.

    @@ -3913,47 +4134,54 @@ a crash happens, Dr. Watson generates a dump file and a report in the log file, including the address of the crash and the stack dump.

    Once -you have the Dr. Watson's logfile and minidump, zip them and attach them to -your e-mail.

    +you have the Dr. Watson's logfile and minidump, zip them and attach them to your +e-mail.

    When reporting a error, please be sure to include the version of OpenAFS.

    6. How to Contribute to -the Development of OpenAFS for Windows

    +name="_Toc213847216">6. How to Contribute to the Development of +OpenAFS for Windows

    Contributions -to the development of OpenAFS for Windows are continuously needed.  -Contributions may take many forms including cash donations, support contracts, donated +to the development of OpenAFS for Windows are continuously needed.  Contributions +may take many forms including cash donations, support contracts, donated developer time, and even donated tech writer time.

    6.1. -The USENIX OpenAFS Fund

    +name="_Toc213847217">6.1. The USENIX OpenAFS +Fund

    USENIXUSENIX, -a 501c3 non-profit corporation, has formed the USENIX OpenAFS Fund in order to -accept tax deductible donations on behalf of the OpenAFS Elders. The donated -funds will be allocated by the OpenAFS Elders to fund OpenAFS development, +style='mso-bookmark:_Toc206421312'>, a 501c3 +non-profit corporation, has formed the USENIX OpenAFS Fund in order to accept +tax deductible donations on behalf of the OpenAFS Elders. The donated funds +will be allocated by the OpenAFS Elders to fund OpenAFS development, documentation, project management, and maintaining openafs.org.

    @@ -3984,31 +4212,36 @@ class=Heading1Char>donation online.

    6.2. Secure Endpoints -Inc.

    +name="_Toc213847219">6.2. Secure Endpoints Inc. +

    Secure Endpoints Inc.Secure Endpoints Inc. -provides development and support services for OpenAFS for Windows and provides +development and support services for OpenAFS for Windows and MIT Kerberos for Windows.  Donations provided to Secure Endpoints Inc. for the development of OpenAFS are used to cover the OpenAFS gatekeeper responsibilities; providing support to the OpenAFS community via the OpenAFS mailing lists; and furthering -development of desired features that are either too small to be financed by development -contracts.

    +development of desired features that are either too small to be financed by +development contracts.

    Secure Endpoints Inc. accepts software development agreements from organizations who @@ -4021,14 +4254,16 @@ style='font-size:14.0pt;mso-fareast-font-family:"MS Mincho";text-decoration: none;text-underline:none'>MIT Kerberos for Windows products.

    6.3. Direct contributions of code and/or -documentation

    +name="_Toc213847221">6.3. +Direct contributions of code and/or documentation +

    Organizations that use OpenAFS in house and have development staffs are encouraged to @@ -4037,13 +4272,14 @@ style='color:blue'>openafs-bugs@openafs.org.  Contributions of documentation are highly desired.

    6.4. OpenAFS for -Windows Mailing Lists

    +name="_Toc213847222">6.4. OpenAFS for Windows Mailing Lists

    If you wish to participate in OpenAFS for Windows development please join the openafs-win32-devel@openafs.org mailing list.

    https://lists.openafs.org/mailman/listinfo/openafs-win32-devel

    +name="_Toc213847223">https://lists.openafs.org/mailman/listinfo/openafs-win32-devel

    User questions should be sent to the openafs-info@openafs.org mailing list. 

    https://lists.openafs.org/mailman/listinfo/openafs-info

    +name="_Toc213847224">https://lists.openafs.org/mailman/listinfo/openafs-info

    You must join the mailing lists if you wish to post to the list without incurring a moderation delay.

    7. -MSI Deployment Guide

    - -7. MSI Deployment Guide + +
    -     +

    7.1. -Introduction

    +name="_Toc213847226">7.1. Introduction

    A MSI installer option is available for those who wish to use Windows Installer -for installing OpenAFS and for organizations that wish to deploy OpenAFS through -Group Policy.  The first version of OpenAFS for Windows available as an -MSI was 1.3.65.

    +for installing OpenAFS and for organizations that wish to deploy OpenAFS +through Group Policy.  The first version of OpenAFS for Windows available +as an MSI was 1.3.65.

    This document provides a guide for authoring transforms used to customize the MSI @@ -4113,18 +4355,19 @@ group policy and/or startup scripts so that machines where OpenAFS for Windows is already installed will pick up these customizations.

    7.1.1 Requirements

    +name="_Toc213844466">7.1.1 Requirements

    The information in this document applies to MSI packages distributed with OpenAFS for Windows releases from 1.3.65 and onwards or MSI packages built from -corresponding source releases.  Not all releases support all the configuration -options documented here.

    +corresponding source releases.  Not all releases support all the +configuration options documented here.

    Authoring a "Windows Installer" transform requires additional software for @@ -4142,26 +4385,32 @@ general information about "Windows Installer", refer to:

        http://msdn.microsoft.com/library/en-us/msi/setup/windows_installer_start_page.asphttp://msdn.microsoft.com/library/en-us/msi/setup/windows_installer_start_page.asp

    +style='mso-bookmark:_Toc206421322'>

    For general information about authoring MSI transforms, refer to:

        http://msdn.microsoft.com/library/en-us/msi/setup/transforms.asphttp://msdn.microsoft.com/library/en-us/msi/setup/transforms.asp

    +style='mso-bookmark:_Toc206421323'>

    The remainder of this document assumes some familiarity with authoring @@ -4173,22 +4422,25 @@ creating a transform at:

        http://msdn.microsoft.com/library/en-us/msi/setup/a_customization_transform_example.asphttp://msdn.microsoft.com/library/en-us/msi/setup/a_customization_transform_example.asp

    +style='mso-bookmark:_Toc206421324'>

    7.1.2 Authoring a -Transform

    +name="_Toc213844470">7.1.2 Authoring a Transform

    Transforms describe a set of modifications to be performed on an existing MSI for the @@ -4244,13 +4496,15 @@ mentioned above, you can use a tool like ORCA.EXE to edit the MSI databases directly when editing openafs-modified.msi.  More details are given below.

    7.2. -Configuration Options

    +name="_Toc213847230">7.2. Configuration +Options

    The logic necessary to implement many of the settings described in

    7.2.1 Configurable -Properties

    +name="_Toc213844472">7.2.1 Configurable Properties

    Most configurable properties correspond to registry keys or values.  Due to the @@ -4341,27 +4595,27 @@ _Toc115416165'>7.2.1.2 OpenAFS for Windows Properties

    @@ -4382,7 +4636,7 @@ OpenAFS for Windows.

    (Service parameters):
    + name="_(Service_parameters):">(Service parameters):

    [HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters]
    (Network provider):
    + name="_(Network_provider):">(Network provider):

    [HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider]
    (OpenAFS Client):
    + name="_(OpenAFS_Client):">(OpenAFS Client):

    [HKLM\SOFTWARE\OpenAFS\Client]
    AFSCACHEPATH

    Registry key    :

    AFSCACHESIZE

    Registry key    :

    AFSCELLNAME

    Registry key    :

    FREELANCEMODE

    Registry key    :

    HIDEDOTFILES

    Registry key    :

    LOGONOPTIONS

    Registry key    :

    MOUNTROOT

    Registry key    :

    NETBIOSNAME

    Registry key    :

    NOFINDLANABYNAME

    Registry key    :

    RXMAXMTU

    Registry key    :

    SECURITYLEVEL

    Registry key    :

    SMBAUTHTYPE

    Registry key    :

    STOREANSIFILENAMES

    Registry key    : class=Heading1Char>StoreAnsiFilenames

    Valid values    : '0' or '1'

    -

    This option is no longer supported as of 1.5.50 now that all file names - are stored to AFS file servers using the UTF-8 encoding of Unicode.

    +

    This option is no longer supported as of 1.5.50 now that + all file names are stored to AFS file servers using the UTF-8 encoding of + Unicode.
    USEDNS

    Registry key    : 7.2.1.2.2 AFSCreds.exe Properties

    These -properties are combined to add a command line option to the shortcut that will be -created in the Start:Programs:OpenAFS and Start:Programs:Startup folders (see -CREDSSTARTUP).  The method of specifying the option was chosen for easy -integration with the Windows Installer user interface.  Although other -methods can be used to specify options to AFSCREDS.EXE, it is advised that they -be avoided as transforms including such options may not apply to future -releases of OpenAFS.

    +properties are combined to add a command line option to the shortcut that will +be created in the Start:Programs:OpenAFS and Start:Programs:Startup folders +(see CREDSSTARTUP).  The method of specifying the option was chosen for +easy integration with the Windows Installer user interface.  Although +other methods can be used to specify options to AFSCREDS.EXE, it is advised +that they be avoided as transforms including such options may not apply to +future releases of OpenAFS.

    CREDSSTARTUP

    Valid values    : '1' or '0'

    Controls whether AFSCreds.exe starts up automatically when the user logs on.  When CREDSSTARTUP is '1' a shortcut is added to the - 'Startup' folder in the 'Program menu' which starts AFSCREDS.EXE with the - options that are determined by the other CREDS* properties.

    + 'Startup' folder in the 'Program menu' which starts AFSCREDS.EXE with the options + that are determined by the other CREDS* properties.
    CREDSAUTOINIT

    Valid values    : '-a' or ''

    @@ -4658,7 +4913,7 @@ releases of OpenAFS.

    CREDSIPCHDET

    Valid values    : '-n' or ''

    @@ -4668,7 +4923,7 @@ releases of OpenAFS.

    CREDSQUIET

    Valid values    : '-q' or ''

    @@ -4678,7 +4933,7 @@ releases of OpenAFS.

    CREDSRENEWDRMAP

    Valid values    : '-m' or '’

    @@ -4688,7 +4943,7 @@ releases of OpenAFS.

    CREDSSHOW

    Valid values    : '-s' or ''

    @@ -4699,29 +4954,29 @@ releases of OpenAFS.

    7.2.2 Existing Registry -Entries

    +name="_Toc213844473">7.2.2 Existing Registry Entries

    You -can change existing registry values subject to the restrictions mentioned in the -Windows Platform SDK.  Pay special attention to component key paths and -try to only change the 'Value' column in the 'Registry' table.  If you +can change existing registry values subject to the restrictions mentioned in +the Windows Platform SDK.  Pay special attention to component key paths +and try to only change the 'Value' column in the 'Registry' table.  If you want to add additional registry keys please refer to section 3 (Additional resources).

    7.2.3 Replacing Configuration -Files

    +name="_Toc213844474">7.2.3 Replacing Configuration Files

    The OpenAFS configuration files (CellServDB) can be replaced by your own @@ -4756,8 +5011,8 @@ and select the 'Component' table in the 'Tables' list.

    1.2.   In -the Component table, locate the component you need to change ( Ctrl-F invokes the -'Find' dialog).  The component names are listed below in section 7.2.3.1.  For this example, @@ -4865,14 +5120,15 @@ the following :

    Note -that the ComponentId is an uppercase GUID.  You can generate one using GUIDGEN.EXE -or UUIDGEN.EXE, both of which are included in the Platform SDK.

    +that the ComponentId is an uppercase GUID.  You can generate one using +GUIDGEN.EXE or UUIDGEN.EXE, both of which are included in the Platform SDK.

    The Attributes value of 144 is a sum of msidbComponentAttributesPermanent (16) and -msidbComponentAttributesNeverOverwrite (128).  This ensures that local modifications -are not overwritten or lost during an installation or uninstallation.  -These are the same settings used on the default configuration files.

    +msidbComponentAttributesNeverOverwrite (128).  This ensures that local +modifications are not overwritten or lost during an installation or +uninstallation.  These are the same settings used on the default +configuration files.

                'fil_my_CellServDB' is a key into the 'File' table which we will fill later.

    @@ -5120,10 +5376,10 @@ a new row with the following values:

        (leave other fields blank)

    The -'Attributes' value is msidbFileAttributesNonCompressed (8192).  This is because -we will be placing this file in the same directory as the MSI instead of -embedding the file in it.  Transforms do not support updating compressed -sources or adding new cabinet streams.

    +'Attributes' value is msidbFileAttributesNonCompressed (8192).  This is +because we will be placing this file in the same directory as the MSI instead +of embedding the file in it.  Transforms do not support updating +compressed sources or adding new cabinet streams.

    Finally, the 'Sequence' value of 1000 will be used later to distinguish the file as @@ -5184,13 +5440,13 @@ style='mso-bookmark:_Toc152605135'>7.2.3.1 Components for Configuration Files

    7.2.4 Adding Domain -Specific Registry Keys

    +name="_Toc213844475">7.2.4 Adding Domain Specific Registry Keys

    Following is an example for adding domain specific registry keys.

    @@ -5286,10 +5542,9 @@ We create a new feature and component to hold the new registry keys.

    : 2
                Key                 - : - 'SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain'
    -             Component     - : 'rcm_DomainKeys'

    + : 'SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain'
    +             + Component     : 'rcm_DomainKeys'

    @@ -5304,8 +5559,7 @@ We create a new feature and component to hold the new registry keys.

    : 2
                Key                 - : - 'SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain'
    + : 'SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain'
                Name              : '*'
    @@ -5343,7 +5597,8 @@ We create a new feature and component to hold the new registry keys.

                Root                : 2
    -             Key                 +             + Key                 : 'SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain\ATHENA.MIT.EDU'
                @@ -5389,8 +5644,7 @@ We create a new feature and component to hold the new registry keys.

    : 2
                Key                 - : - 'SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain\LOCALHOST'
    + : 'SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain\LOCALHOST'
                Name              : 'LogonOptions'
    @@ -5411,7 +5665,8 @@ We create a new feature and component to hold the new registry keys.

                Root                : 2
    -             Key                 +             + Key                 : 'SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain\LOCALHOST'
                @@ -5433,13 +5688,14 @@ example adds domain specific keys for 'ATHENA.MIT.EDU' (enable integrated logon) and 'LOCALHOST' (disable integrated logon and fail logins silently).

    7.2.5 Adding Site -Specific Freelance Registry Keys

    +name="_Toc213844476">7.2.5 Adding Site Specific Freelance +Registry Keys

    Following is an example for adding site specific Freelance registry keys to pre-populate @@ -5483,8 +5739,8 @@ We create a new feature and component to hold the new registry keys.

    -

        -         (new row)
    +

                + (new row)
                Component     : 'rcm_FreelanceKeys'
                @@ -5653,13 +5909,15 @@ volume as well as a read-write mountpoint.  Aliases are also provided using symlinks.

    7.3 Additional Resources

    +name="_Toc213847231">7.3 +Additional Resources

    If you want to add registry keys or files you need to create new components and @@ -5707,13 +5965,14 @@ the Platform SDK documentation for information on command line options for MSITRAN.EXE.

    7.4. -Upgrades

    +name="_Toc213847232">7.4. Upgrades

    The MSI package is designed to uninstall previous versions of OpenAFS for Windows @@ -5757,36 +6016,39 @@ performing an upgrade with msiexec.exe execute the MSI with the repair options "vomus".

    Appendix -A: Registry Values

    +name="_Toc213847233">Appendix A: Registry Values

    A.1. -Service parameters

    +name="_Toc213847234">A.1. Service parameters

    The service parameters primarily affect the behavior of the AFS client service (afsd_service.exe).

    Regkey:
    -[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters]

    +name="_Toc213844481">Regkey:
    +[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters]     @@ -5794,7 +6056,7 @@ _Toc152605142'>Regkey:
     @@ -6644,9 +6911,9 @@ _Toc152605142'>Regkey:

    Determines whether or not the AFS Cache Manager will give up all callbacks prior to the service being suspended or shutdown.  - Doing so will have significant performance benefits for the file - servers.  However, file servers older - than 1.4.6 can become unstable if the GiveUpAllCallBacks RPC is executed.

    +     Doing so will have significant performance benefits for the file servers.  However, file servers older than 1.4.6 can + become unstable if the GiveUpAllCallBacks RPC is executed.

    0: do not perform GiveUpAllCallBacks RPCs

    1: @@ -6686,13 +6953,14 @@ _Toc152605142'>Regkey:

    Value: LANadapter

    Type: DWORD
    @@ -5813,9 +6075,9 @@ _Toc152605142'>Regkey:
    Value: CacheSize
    + name="_Value___:_CacheSize">Value: CacheSize

    Type: DWORD
    Default: 98304 (CM_CONFIGDEFAULT_CACHESIZE)
    Variable: cm_initParams.cacheSize

    @@ -5826,7 +6088,7 @@ _Toc152605142'>Regkey:
    Value: ChunkSize

    Type: DWORD
    @@ -5840,7 +6102,7 @@ _Toc152605142'>Regkey:
    Value: Daemons

    Type: DWORD
    @@ -5854,7 +6116,7 @@ _Toc152605142'>Regkey:
    Value: ServerThreads

    Type: DWORD
    @@ -5868,8 +6130,8 @@ _Toc152605142'>Regkey:
    Value: Stats

    Type: DWORD
    @@ -5905,9 +6167,10 @@ _Toc152605142'>Regkey:
    Value: LogoffPreserveTokens
    + name="_Value_:_LogoffPreserveTokens">Value: + LogoffPreserveTokens

    Type: DWORD {1,0}
    Default : 0

    If enabled (set to 1), the Logoff Event handler will not @@ -5919,7 +6182,7 @@ _Toc152605142'>Regkey:
    Value: RootVolume

    Type: REG_SZ
    @@ -5932,9 +6195,9 @@ _Toc152605142'>Regkey:
    Value: MountRoot
    + name="_Value_:_Mountroot">Value: MountRoot

    Type: REG_SZ
    Default: "/afs"
    Variable: cm_mountRoot

    @@ -5952,9 +6215,9 @@ _Toc152605142'>Regkey:
    Value: CachePath
    + name="_Value_:_CachePath">Value: CachePath

    Type: REG_SZ or REG_EXPAND_SZ
    Default: "%TEMP%\AFSCache"
    Variable: cm_CachePath

    @@ -5967,7 +6230,7 @@ _Toc152605142'>Regkey:
    Value: NonPersistentCaching

    Type: DWORD [0..1]
    @@ -5983,7 +6246,7 @@ _Toc152605142'>Regkey:
    Value: ValidateCache

    Type: DWORD [0..2]
    @@ -6000,7 +6263,7 @@ _Toc152605142'>Regkey:
    Value: TrapOnPanic

    Type: DWORD {1,0}
    @@ -6014,9 +6277,9 @@ _Toc152605142'>Regkey:
    Value: NetbiosName
    + name="_Value___:_NetbiosName">Value: NetbiosName

    Type: REG_EXPAND_SZ
    Default: "AFS"
    Variable: cm_NetbiosName

    @@ -6029,7 +6292,7 @@ _Toc152605142'>Regkey:
    Value: IsGateway

    Type: DWORD {1,0}
    @@ -6049,7 +6312,7 @@ _Toc152605142'>Regkey:
    Value: ReportSessionStartups

    Type: DWORD {1,0}
    @@ -6064,9 +6327,10 @@ _Toc152605142'>Regkey:
    Value: TraceBufferSize
    + name="_Value_:_TraceBufferSize">Value: + TraceBufferSize

    Type: DWORD
    Default: 10000 (CM_CONFIGDEFAULT_TRACEBUFSIZE)
    Variable: traceBufSize

    @@ -6077,9 +6341,9 @@ _Toc152605142'>Regkey:
    Value: SysName
    + name="_Value_:_SysName">Value: SysName

    Type: REG_SZ
    Default: "x86_win32 i386_w2k i386_nt40" (X86)
    “amd64_win64 x86_win32 i386_w2k” (AMD64)
    @@ -6093,9 +6357,9 @@ _Toc152605142'>Regkey:
    Value: SecurityLevel
    + name="_Value_:_SecurityLevel">Value: SecurityLevel

    Type: DWORD {1,0}
    Default: 0
    Variable: cryptall

    @@ -6106,8 +6370,8 @@ _Toc152605142'>Regkey:
    Value: UseDNS

    Type: DWORD {1,0}
    Default: 1
    @@ -6119,9 +6383,10 @@ _Toc152605142'>Regkey:
    Value: FreelanceClient
    + name="_Value_:_FreelanceClient">Value: + FreelanceClient

    Type: DWORD {1,0}
    Default: 0
    Variable: cm_freelanceEnabled

    @@ -6132,9 +6397,9 @@ _Toc152605142'>Regkey:
    Value: HideDotFiles

    Type: DWORD {1,0}
    Default: 1
    @@ -6148,7 +6413,7 @@ _Toc152605142'>Regkey:
    Value: MaxMpxRequests

    Type: DWORD
    @@ -6162,7 +6427,7 @@ _Toc152605142'>Regkey:
    Value: MaxVCPerServer

    Type: DWORD
    @@ -6175,8 +6440,8 @@ _Toc152605142'>Regkey:
    Value: Cell

    Type: REG_SZ
    Default: <none>
    @@ -6225,9 +6490,9 @@ _Toc152605142'>Regkey:
    Value: RxMaxMTU
    + name="_Value_:_RxMaxMTU">Value: RxMaxMTU

    Type: DWORD
    Default: 0
    Variable: rx_mtu

    @@ -6241,8 +6506,8 @@ _Toc152605142'>Regkey:
    -
    Value: RxNoJumbo
    +
    Value: RxNoJumbo

    Type: DWORD {0,1}
    Default: 0
    Variable: rx_nojumbo

    @@ -6254,9 +6519,10 @@ _Toc152605142'>Regkey:
    Value: ConnDeadTimeout
    + name="_Value:_ConnDeadTimeout">Value: + ConnDeadTimeout

    Type: DWORD
    Default: 0 (seconds)
    Variable: ConnDeadtimeout

    @@ -6268,7 +6534,7 @@ _Toc152605142'>Regkey:
    Value: HardDeadTimeout

    Type: DWORD
    @@ -6291,10 +6557,10 @@ _Toc152605142'>Regkey:
    Value: TraceOption
    + name="_Toc191662209">Value: TraceOption

    Type: DWORD {0-15}
    Default: 0

    @@ -6317,7 +6583,7 @@ _Toc152605142'>Regkey:
    height:98.5pt'>
    Value: AllSubmount

    Type: @@ -6335,10 +6601,11 @@ _Toc152605142'>Regkey:
    Value: NoFindLanaByName
    + name="_Toc191662211">Value: + NoFindLanaByName

    Type: DWORD {0, 1}
    Default: 0

    @@ -6352,26 +6619,26 @@ _Toc152605142'>Regkey:
    height:78.5pt'>
    Value: MaxCPUs

    Type: DWORD {1..32} or {1..64} depending on the architecture
    Default: <no default>

    If - this value is specified, afsd_service.exe will restrict itself to executing - on the specified number of CPUs if there are a greater number installed in - the machine. 

    + this value is specified, afsd_service.exe will restrict itself to executing on + the specified number of CPUs if there are a greater number installed in the + machine. 

    Value: smbAuthType
    + name="_Toc191662213">Value: smbAuthType

    Type: DWORD {0..2}
    Default: 2

    @@ -6390,10 +6657,10 @@ _Toc152605142'>Regkey:
    Value: MaxLogSize
    + name="_Toc191662214">Value: MaxLogSize

    Type: DWORD {0 .. MAXDWORD}
    Default: 100K

    @@ -6409,7 +6676,7 @@ _Toc152605142'>Regkey:
    height:65.75pt'>
    Value: FlushOnHibernate

    Type: @@ -6486,8 +6753,8 @@ _Toc152605142'>Regkey:
    DWORD (seconds)
    Default: 60

    This value controls how - frequently the AFS cache manager checks for invalid file locks.

    + style='mso-fareast-font-family:"Times New Roman"'>This value controls how frequently + the AFS cache manager checks for invalid file locks.

    Regkey:
    -[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters\GlobalAutoMapper]

    +name="_Toc213844482">Regkey:
    +[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters\GlobalAutoMapper]     @@ -6701,7 +6969,7 @@ _Toc152605187'>Regkey:
    Value: <Drive Letter:> for example "G:"
    @@ -6715,13 +6983,14 @@ _Toc152605187'>Regkey:

    Regkey:
    -[HKLM\SOFTWARE\OpenAFS\Client]

    +name="_Toc213844483">Regkey:
    +[HKLM\SOFTWARE\OpenAFS\Client]     @@ -6729,44 +6998,44 @@ _Toc152605189'>Regkey:
     @@ -6872,13 +7141,14 @@ _Toc152605189'>Regkey:
    Value: CellServDBDir
    + name="_Value___:_CellServDBDir">Value: CellServDBDir

    Type: REG_SZ
    Default: <not defined>

    Specifies the directory containing the CellServDB file.  When this value is not specified, the ProgramData directory is - searched and if the CellServDB file is not found, the AFS Client install - directory is used.

    + searched and if the CellServDB file is not found, the AFS Client install directory + is used.
    Value: VerifyServiceSignature
    + name="_Value___:_VerifyServiceSignature">Value: + VerifyServiceSignature

    Type: REG_DWORD
    Default: 0x1

    This value can be used to disable the runtime verification of the digital signatures applied to afsd_service.exe and the - OpenAFS DLLs it loads.  This test is performed to verify - that   the DLLs which are loaded by afsd_service.exe are from the - same distribution as afsd_service.exe.  This is to prevent random errors - caused when DLLs from one distribution of AFS are loaded by another - one.  This is not a security test.  The reason for disabling this - test is to free up additional memory which can be used for a large cache - size.

    + OpenAFS DLLs it loads.  This test is performed to verify that   + the DLLs which are loaded by afsd_service.exe are from the same distribution + as afsd_service.exe.  This is to prevent random errors caused when DLLs + from one distribution of AFS are loaded by another one.  This is not a + security test.  The reason for disabling this test is to free up + additional memory which can be used for a large cache size.
    Value: IoctlDebug

    Type: REG_DWORD
    Default: 0x0

    @@ -6781,7 +7050,7 @@ _Toc152605189'>Regkey:
    Value: MiniDumpType

    Type: REG_DWORD
    @@ -6796,8 +7065,8 @@ _Toc152605189'>Regkey:
    most recent release of "Microsoft Debugging - Tools for Windows".  See the Microsoft Developer + "MS Mincho";text-decoration:none;text-underline:none'>Microsoft Debugging Tools + for Windows    ".  See the Microsoft Developer Library for further information.

    MiniDumpNormal = 0x00000000,
    MiniDumpWithDataSegs = 0x00000001,
    @@ -6819,9 +7088,9 @@ _Toc152605189'>Regkey:

    -
    Value: +
    Value: EnableSMBAsyncStore

    Type: REG_DWORD
    Default: 0x1

    @@ -6856,15 +7125,15 @@ _Toc152605189'>Regkey:
    to store filenames using the Windows system's ANSI character set instead of the OEM Code Page character set which has traditionally been used by SMB file systems. 

    -

    Note: The - use of ANSI characters will render access to files with 8-bit OEM file names - inaccessible from Windows.  This option is of use primarily when you - wish to allow file names produced on Windows to be accessible from Latin-1 - UNIX systems and vice versa.Note: The use of ANSI characters will render + access to files with 8-bit OEM file names inaccessible from Windows.  + This option is of use primarily when you wish to allow file names produced on + Windows to be accessible from Latin-1 UNIX systems and vice versa.

    Regkey:
    -[HKLM\SOFTWARE\OpenAFS\Client\CSCPolicy]

    +name="_Toc213844485">Regkey:
    +[HKLM\SOFTWARE\OpenAFS\Client\CSCPolicy]     @@ -6887,28 +7157,29 @@ _Toc152605195'>Regkey:
    Value: "smb/cifs share name"

    Type: REG_SZ
    Default: <none>

    -

    This key is used to map SMB/CIFS shares to Client Side - Caching (off-line access) policies. For each share one of the following - policies may be used: "manual", "programs", - "documents", "disable". 

    +

    This key is used to map SMB/CIFS shares to Client Side Caching + (off-line access) policies. For each share one of the following policies may + be used: "manual", "programs", "documents", + "disable". 

    These values used to be stored in afsdsbmt.ini

    Regkey:
    -[HKLM\SOFTWARE\OpenAFS\Client\Freelance]

    +name="_Toc213844486">Regkey:
    +[HKLM\SOFTWARE\OpenAFS\Client\Freelance]     @@ -6917,7 +7188,7 @@ style='mso-bookmark:_Toc191662244'>Regk
    Value: "numeric value"

    Type: REG_SZ
    @@ -6933,14 +7204,14 @@ style='mso-bookmark:_Toc191662244'>Regk

    Regkey:
    -[HKLM\SOFTWARE\OpenAFS\Client\Freelance\Symlinks]

    +_Toc213844487'>Regkey:
    +[HKLM\SOFTWARE\OpenAFS\Client\Freelance\Symlinks]     @@ -6949,14 +7220,14 @@ _Toc152605199'>Regkey:
    Value: "numeric value"

    Type: REG_SZ
    Default: <none>

    -

    This key is used to store a dot terminated symlink - strings for use in constructing the fake root.afs volume when Freelance - (dynamic roots) mode is activated.

    +

    This key is used to store a dot terminated symlink strings + for use in constructing the fake root.afs volume when Freelance (dynamic + roots) mode is activated.

    "linkname:destination-path."

    "athena:athena.mit.edu."

    "home:athena.mit.edu\user\j\a\jaltman."

    @@ -6966,13 +7237,14 @@ _Toc152605199'>Regkey:

    Regkey:
    -[HKLM\SOFTWARE\OpenAFS\Client\Realms]

    +name="_Toc213844488">Regkey:
    +[HKLM\SOFTWARE\OpenAFS\Client\Realms]

    The Realms key is used to provide initialization data to be used when new @@ -6983,11 +7255,12 @@ that matches the realm of the identity. configuration for the identity.

    Regkey:
    +name="_Toc213844489">    Regkey:
    [HKLM\SOFTWARE\OpenAFS\Client\Realms\”Realm -Name”]

    +Name”    ]

    In addition to the optional values, this key contains one subkey for each cell @@ -7001,32 +7274,32 @@ style='mso-spacerun:yes'>

    Value: AFSEnabled

    Type: REG_DWORD
    Default: 0x01

    -

    This key is used to specify whether the new identity should - be configured to obtain AFS credentials.  - In general, it is only specified when disabling the acquisition of AFS - credentials is desired.  The default is - to obtain AFS credentials.

    +

    This key is used to specify whether the new identity + should be configured to obtain AFS credentials.  In general, it is only specified when + disabling the acquisition of AFS credentials is desired.  The default is to obtain AFS credentials.

    Regkey:
    +_Toc152605203'>Regkey:
    [HKLM\SOFTWARE\OpenAFS\Client\Realms\”Realm -Name”\”Cell Name”]

    +Name”    \”Cell Name”] @@ -7061,22 +7334,23 @@ Name italic'>

    Type: REG_SZ
    Default: <none>

    -

    This key is used - to specify the realm to be used when acquiring AFS tokens.This key is + used to specify the realm to be used when acquiring AFS tokens.  If not specified, the realm will be - determined by performing a domain to realm mapping on the domain of a random - volume location database server for the cell.

    + determined by performing a domain to realm mapping on the domain of a random volume + location database server for the cell.

    Regkey:
    -[HKLM\SOFTWARE\OpenAFS\Client\Submounts]

    +style='mso-bookmark:_Toc152605203'>Regkey:
    +[HKLM\SOFTWARE\OpenAFS\Client\Submounts]     @@ -7106,11 +7380,12 @@ style='mso-bookmark:_Toc206421346'>Regkey:

    Regkey:
    -[HKLM\SOFTWARE\OpenAFS\Client\Server Preferences\VLDB]

    +style='mso-bookmark:_Toc152605203'>Regkey:
    +[HKLM\SOFTWARE\OpenAFS\Client\Server Preferences\VLDB]     @@ -7119,7 +7394,7 @@ style='mso-bookmark:_Toc206421347'>Regkey:
    Value: "hostname or ip address"

    Type: REG_DWORD
    @@ -7134,13 +7409,14 @@ style='mso-bookmark:_Toc206421347'>Regkey:

    Regkey:
    -[HKLM\SOFTWARE\OpenAFS\Client\Server Preferences\File]

    +name="_Toc213844493">Regkey:
    +[HKLM\SOFTWARE\OpenAFS\Client\Server Preferences\File]     @@ -7149,7 +7425,7 @@ _Toc152605205'>Regkey:
    Value: "hostname or ip address"

    Type: REG_DWORD
    @@ -7157,32 +7433,35 @@ _Toc152605205'>Regkey:

    This key is used to specify a default set of File server preferences. For each entry the value name will be either the IP address of a server or a fully qualified domain name.  The value will be the - ranking.  The ranking will be adjusted by a random value between 0 and - 256 prior to the preference being set.

    + ranking.  The ranking will be adjusted by a random value between 0 and 256 + prior to the preference being set.

    A.2. -Integrated Logon Network provider parameters

    +name="_Toc213847235">A.2. Integrated Logon +Network provider parameters

    Affects the network provider (afslogon.dll).

    Regkey: -[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters]

    +name="_Toc213844495">Regkey: +[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters] @@ -7191,7 +7470,7 @@ _Toc152605208'>Regkey:
    Value: FailLoginsSilently

    Type: DWORD
    @@ -7202,13 +7481,14 @@ _Toc152605208'>Regkey:

    Regkey:
    -[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider]

    +name="_Toc213844496">Regkey:
    +[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider]     @@ -7216,7 +7496,7 @@ _Toc152605210'>Regkey:
    Value: NoWarnings

    Type: DWORD
    @@ -7228,7 +7508,7 @@ _Toc152605210'>Regkey:
    Value: AuthentProviderPath

    Type: REG_SZ
    @@ -7241,7 +7521,7 @@ _Toc152605210'>Regkey:
    Value: Class

    Type: DWORD
    @@ -7253,7 +7533,7 @@ _Toc152605210'>Regkey:
    Value: DependOnGroup

    Type: REG_MULTI_SZ
    @@ -7268,7 +7548,7 @@ _Toc152605210'>Regkey:
    Value: DependOnService

    Type: REG_MULTI_SZ
    @@ -7282,7 +7562,7 @@ _Toc152605210'>Regkey:
    Value: Name

    Type: REG_SZ
    @@ -7294,7 +7574,7 @@ _Toc152605210'>Regkey:
    Value: ProviderPath

    Type: REG_SZ
    @@ -7305,13 +7585,15 @@ _Toc152605210'>Regkey:

    A.2.1 -Domain specific configuration keys for the Network Provider

    +Domain specific configuration keys for the Network Provider

    The network provider can be configured to have different behavior depending on the @@ -7326,57 +7608,62 @@ network provider.

    specific registry keys are:

    [HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider]

    +name="_Toc213844498">[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider]

      (NP key)

    [HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain]

    +name="_Toc213844499">[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain]

      (Domains key)

    [HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain\"domain -name"]

    +name="_Toc213844500">[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain\"domain +name"]

      (Specific domain key. One per domain.)

    [HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain\LOCALHOST]

    +name="_Toc213844501">[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain\LOCALHOST]

      (Localhost key)

    Example:

    +name="_Toc213844502">Example:

     HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider

    @@ -7400,13 +7687,13 @@ of the domain specific keys can have the set of values described in 2.1.1.  The effective values are chosen as described in 2.1.2.

    A.2.1.1 Domain specific -configuration values

    +name="_Toc213844503">A.2.1.1 Domain specific configuration values

    Value: LogonOptions
    + name="_Value___:_LogonOptions">Value: LogonOptions

    Type: DWORD
    Default: 0x01

    NSIS/WiX: depends on user configuration

    @@ -7446,7 +7733,7 @@ name"]
    Value: FailLoginsSilentl

    Type: DWORD (1|0)
    @@ -7460,7 +7747,7 @@ name"]

    Value: LogonScript

    Type: REG_SZ or REG_EXPAND_SZ
    @@ -7479,7 +7766,7 @@ name"]

    Value: LoginRetryInterval

    Type: DWORD
    @@ -7495,7 +7782,7 @@ name"]

    Value: LoginSleepInterval

    Type: DWORD
    @@ -7513,17 +7800,17 @@ name"]
    NSIS: <not set>

    When Kerberos v5 is being used, Realm specifies the Kerberos v5 realm that should be appended to the first component of the - Domain logon username to construct the Kerberos v5 principal for which AFS tokens - should be obtained.

    + Domain logon username to construct the Kerberos v5 principal for which AFS + tokens should be obtained.

    Value: TheseCells
    + name="_Value:_TheseCells">Value: TheseCells

    Type: REG_MULTI_SZ
    NSIS: <not set>

    When Kerberos v5 is being used, TheseCells provides a @@ -7534,19 +7821,20 @@ name"]

    A.2.1.2 Selection of -effective values for domain specific configuration

    +name="_Toc213844504">A.2.1.2 Selection of effective values for +domain specific configuration

    During login to domain X, where X is the domain passed into NPLogonNotify as lpAuthentInfo->LogonDomainName or the string 'LOCALHOST' if -lpAuthentInfo->LogonDomainName equals the name of the computer, the -following keys will be looked up.

    +lpAuthentInfo->LogonDomainName equals the name of the computer, the following +keys will be looked up.

    1.      @@ -7576,13 +7864,13 @@ specific key supercedes a value in a less specific key.  The exceptions to this rule are stated below.

    A.2.1.3 Exceptions to -A.2.1.2

    +name="_Toc213844505">A.2.1.3 Exceptions to A.2.1.2

    To retain backwards compatibility, the following exceptions are made to 2.1.2.

    @@ -7615,25 +7903,28 @@ used regardless of the high security setting.  Please be aware of this when setting this value.

    A.3. -AFS Credentials System Tray Tool parameters

    +name="_Toc213847237">A.3. AFS Credentials +System Tray Tool parameters

    Affects the behavior of afscreds.exe

    Regkey:
    -[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters]

    +name="_Toc213844507">Regkey:
    +[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters]     @@ -7641,7 +7932,7 @@ _Toc152605237'>Regkey:
    Value: Gateway

    Type: REG_SZ
    @@ -7655,7 +7946,7 @@ _Toc152605237'>Regkey:
    Value: Cell

    Type: REG_SZ
    @@ -7668,14 +7959,15 @@ _Toc152605237'>Regkey:

    Regkey:
    +name="_Toc213844508">Regkey:
    [HKLM\SOFTWARE\OpenAFS\Client]
    -[HKCU\SOFTWARE\OpenAFS\Client]

    +[HKCU\SOFTWARE\OpenAFS\Client] @@ -7683,15 +7975,15 @@ _Toc152605240'>Regkey:
    Value: ShowTrayIcon

    Type: DWORD {0, 1}
    Default: 1
    Function: InitApp(), Main_OnCheckTerminate()

    -

    This value is used to determine whether or not a shortcut - should be maintained in the user's Start Menu->Programs->Startup - folder.

    +

    This value is used to determine whether or not a + shortcut should be maintained in the user's Start + Menu->Programs->Startup folder.

    This value used to be stored at [HKLM\Software\TransarcCorporation\AFS Client\AfsCreds].

    The current user value is checked first; if it does not @@ -7702,8 +7994,8 @@ _Toc152605240'>Regkey:
    Value: EnableKFW

    Type: DWORD {0, 1}
    @@ -7733,17 +8025,17 @@ _Toc152605240'>Regkey:
    href="mailto:user/admin@REALM">user/admin@REALM" are - interpreted as the same user identity within the cell.  To enable both - names to be sent to the server by AFSCreds or Integrated Logon, set this value - to 1.

    + interpreted as the same user identity within the cell.  To enable both names + to be sent to the server by AFSCreds or Integrated Logon, set this value to + 1.
    -
    Value: +
    Value: Use524

    Type: DWORD {0, 1}
    Default: 0
    @@ -7759,9 +8051,10 @@ _Toc152605240'>Regkey:
    Value: AfscredsShortcutParams
    + name="_Value___:_AfscredsShortcutParams">Value: + AfscredsShortcutParams

    Type: REG_SZ
    Default: "-A -M -N -Q"
    Function: Shortcut_FixStartup

    @@ -7786,13 +8079,14 @@ _Toc152605240'>Regkey:

    Regkey:
    -[HKCU\SOFTWARE\OpenAFS\Client]

    +name="_Toc213844509">Regkey:
    +[HKCU\SOFTWARE\OpenAFS\Client]     @@ -7801,7 +8095,7 @@ _Toc152605245'>Regkey:
    Value: Authentication Cell

    Type: REG_SZ
    @@ -7814,13 +8108,14 @@ _Toc152605245'>Regkey:

    Regkey:
    -[HKCU\SOFTWARE\OpenAFS\Client\Reminders]

    +name="_Toc213844510">Regkey:
    +[HKCU\SOFTWARE\OpenAFS\Client\Reminders]     @@ -7829,7 +8124,7 @@ _Toc152605247'>Regkey:
    Value: "afs cell name"

    Type: DWORD {0, 1}
    @@ -7844,13 +8139,14 @@ _Toc152605247'>Regkey:

    Regkey:
    -[HKCU\SOFTWARE\OpenAFS\Client\Active Maps]

    +name="_Toc213844511">Regkey:
    +[HKCU\SOFTWARE\OpenAFS\Client\Active Maps]     @@ -7859,7 +8155,7 @@ _Toc152605249'>Regkey:
    Value: "upper case drive letter"

    Type: DWORD {0, 1}
    @@ -7872,13 +8168,14 @@ _Toc152605249'>Regkey:

    Regkey:
    -[HKCU\SOFTWARE\OpenAFS\Client\Mappings]

    +name="_Toc213844512">Regkey:
    +[HKCU\SOFTWARE\OpenAFS\Client\Mappings]     @@ -7887,7 +8184,7 @@ _Toc152605251'>Regkey:
    Value: "upper case drive letter"

    Type: REG_SZ
    @@ -7900,22 +8197,23 @@ _Toc152605251'>Regkey:

    A.4 OpenAFS Client Service Environment -Variables

    +name="_Toc213847238">A.4 OpenAFS Client Service Environment Variables
    Variable: AFS_RPC_ENCRYPT

    Values:   "OFF" disables the use of @@ -7926,7 +8224,7 @@ style='mso-ansi-language:FR'>

    Variable: AFS_RPC_PROTSEQ

    Values:            diff --git a/src/WINNT/doc/install/Documentation/en_US/html/ReleaseNotes/toc.htm b/src/WINNT/doc/install/Documentation/en_US/html/ReleaseNotes/toc.htm index fff6c312d..d03235071 100644 --- a/src/WINNT/doc/install/Documentation/en_US/html/ReleaseNotes/toc.htm +++ b/src/WINNT/doc/install/Documentation/en_US/html/ReleaseNotes/toc.htm @@ -1,41 +1,53 @@ +xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" +xmlns="http://www.w3.org/TR/REC-html40"> - - + + -OpenAFS for Windows 1.5.54 Table of Contents + +OpenAFS for Windows 1.5.55 Table of Contents + + + - - - - - +

    1. -Installer Options

    +Installer Options

    + +

    2. System Requirements

    + +

    2.1 Supported Operating Systems

    + +

    2.1.1 Unsupported Operating Systems

    + +

    2.2 Disk Space

    + +

    2.3 Additional Software Packages

    + +

    3. Operational Notes

    + +

    3.1.Unicode Support

    + +

    3.2. Requirements for Kerberos v5 Authentication

    + +

    3.2.1. Active Directory

    + +

    3.2.2. Using the krb524 service

    + +

    3.2.3. Network Identity Manager Provider

    + +

    3.3. Use of the Microsoft Loopback Adapter by the AFS Client +Service

    + +

    3.4. Using Freelance (Dynamic Root) Mode to Improve Mobility

    + +

    3.45. Locating AFS Volume Database Servers via DNS

    + +

    3.6. Obtaining AFS Tokens as a Integrated Part of Windows +Logon

    + +

    3.7. AFS System Tray Command Line Options

    + +

    3.8. The “AFS Client Admins” Authorization Group

    + +

    3.9. OpenAFS support for UNC paths

    + +

    3.10. aklog.exe

    + +

    3.11. OpenAFS Servers on Windows are Unsupported

    + +

    3.11.1. OpenAFS Server Installation

    + +

    3.11.2. Using the AFS Client Service when the Server is +installed

    + +

    3.12. OpenAFS Debugging Symbol files

    + +

    3.13. Large File (64-bit) Support

    + +

    3.14. Encrypted AFS Network Communication

    + +

    3.15. Authenticated Access to the OpenAFS Client Service

    + +

    3.16. No More INI Files

    + +

    3.17. Microsoft Windows Internet Connection Firewall

    + +

    3.18. Browsing AFS from the Explorer Shell and Office

    + +

    3.19. Byte Range Locking

    + +

    3.20. Automatic Discarding of AFS Tokens at Logoff

    + +

    3.21. Windows Terminal Server installations

    + +

    3.22. Hidden Dot Files

    + +

    3.23. Status Cache Limits

    + +

    3.24. NETBIOS over TCP/IP must be enabled

    + +

    3.25. OpenAFS binaries are digitally signed

    + +

    3.26. Maximum Size of the AFSCache File

    + +

    3.27. Filename Character Sets

    + +

    3.28. Known Character Set Issues with Roaming Profiles

    + +

    3.29. The AFSCache File

    + +

    3.30. Restricting OpenAFS Client Service Start and Stop

    + +

    3.31. The @sys Name List

    + +

    3.32. Symlinks to AFS UNC paths

    + +

    3.33. Cache Manager Debugging

    + +

    3.34. Windows Logon Caching vs. Kerberos Logons

    + +

    3.35. Initial Server Preferences

    + +

    3.36. File Timestamps

    + +

    3.37. Windows RPC client support must be installed

    + +

    3.38. Generating Minidumps of the OpenAFS Client Service

    + +

    3.39. AFS Client Universally Unique Identifiers (UUIDs) vs. +System Cloning

    + +

    3.40. Delayed Write Errors with Microsoft Office +Applications

    + +

    3.41. Global Drives (aka Service Drive Letters) are no +longer supported by Microsoft

    + +

    3.42. 64-bit Microsoft Windows Installations

    + +

    3.43. Known Issues with Microsoft Windows Vista

    + +

    3.44. New AFS Share Name Syntax Provides Direct Access to +Volumes

    + +

    3.45. Differences between Windows and UNIX “fs examine”

    + +

    3.46. Literal evaluation of AFS objects via fs commands

    + +

    3.47. Out of Quota errors

    + +

    3.48. Linked Cells

    + +

    4. How to Debug Problems with OpenAFS for Windows

    + +

    4.1. pioctl debugging (IoctlDebug registry key)

    + +

    4.2. afsd_service initialization log +(%WinDir%\TEMP\afsd_init.log)

    + +

    4.3. afsd_service debug logs (fs trace {-on, -off, -dump} +->%WinDir%\TEMP\afsd.log)

    + +

    4.4. Using SysInternal’s DbgView and ProcMon or FileMon +Tools

    + +

    4.5. Microsoft MiniDumps  +(fs minidump -> %WinDir%\TEMP\afsd.dmp)

    + +

    4.6. Single Sign-on (Integrated Logon) debugging

    + +

    4.7. RX (AFS RPC) debugging (rxdebug)

    + +

    4.8. Cache Manager debugging (cmdebug)

    + +

    4.9. Persistent Cache consistency check

    + +

    4.10. Token Acquisition Debugging

    + +

    5. Reporting Bugs

    + +

    6. How to Contribute to the Development of OpenAFS for +Windows

    + +

    6.1. The USENIX OpenAFS Fund

    + +

    6.2. Secure Endpoints Inc.

    + +

    6.3. Direct contributions of code and/or documentation

    + +

    6.4. OpenAFS for Windows Mailing Lists

    + +

    7. MSI Deployment Guide

    + +

    7.1. Introduction

    + +

    7.1.1 Requirements

    + +

    7.1.2 Authoring a Transform

    + +

    7.2. Configuration Options

    + +

    7.2.1 Configurable Properties

    + +

    7.2.1.1 Setting Properties

    + +

    7.2.1.2 OpenAFS for Windows Properties

    + +

    (Service parameters):

    + +

    (Network provider):

    + +

    (OpenAFS Client):

    + +

    7.2.1.2.1 Registry Properties

    + +

    AFSCACHEPATH

    + +

    AFSCACHESIZE

    + +

    AFSCELLNAME

    + +

    FREELANCEMODE

    -

    2. -System Requirements

    - -

    2.1 -Supported Operating Systems

    - -

    2.1.1 -Unsupported Operating Systems

    - -

    2.2 -Disk Space

    - -

    2.3 -Additional Software Packages

    +

    HIDEDOTFILES

    -

    3. -Operational Notes

    - -

    3.0.Unicode -Support

    - -

    3.1. -Requirements for Kerberos v5 Authentication

    - -

    3.1.1. -Active Directory

    - -

    3.1.2. -Using the krb524 service

    - -

    3.1.3. -Network Identity Manager Provider

    - -

    3.2. -Use of the Microsoft Loopback Adapter by the AFS Client Service

    - -

    3.3. -Using Freelance (Dynamic Root) Mode to Improve Mobility

    - -

    3.4. -Locating AFS Volume Database Servers via DNS

    - -

    3.5. -Obtaining AFS Tokens as a Integrated Part of Windows Logon

    - -

    3.6. -AFS System Tray Command Line Options

    - -

    3.7. -The “AFS Client Admins” Authorization Group

    - -

    3.8. -OpenAFS support for UNC paths

    - -

    3.9. -aklog.exe

    - -

    3.10. -OpenAFS Servers on Windows are Unsupported

    - -

    3.10.1. -OpenAFS Server Installation

    - -

    3.10.2. -Using the AFS Client Service when the Server is installed

    - -

    3.11. -OpenAFS Debugging Symbol files

    - -

    3.12. -Large File (64-bit) Support

    - -

    3.13. -Encrypted AFS Network Communication

    - -

    3.14. -Authenticated Access to the OpenAFS Client Service

    - -

    3.15. -No More INI Files

    - -

    3.16. -Microsoft Windows Internet Connection Firewall

    - -

    3.17. -Browsing AFS from the Explorer Shell and Office

    - -

    3.18. -Byte Range Locking

    - -

    3.19. -Automatic Discarding of AFS Tokens at Logoff

    - -

    3.20. -Windows Terminal Server installations

    - -

    3.21. -Hidden Dot Files

    - -

    3.22. -Status Cache Limits

    - -

    3.23. -NETBIOS over TCP/IP must be enabled

    - -

    3.24. -OpenAFS binaries are digitally signed

    - -

    3.25. -Maximum Size of the AFSCache File

    - -

    3.26. -Filename Character Sets

    - -

    3.27. -Known Character Set Issues with Roaming Profiles

    - -

    3.28. -The AFSCache File

    - -

    3.29. -Restricting OpenAFS Client Service Start and Stop

    - -

    3.30. -The @sys Name List

    - -

    3.31. -Symlinks to AFS UNC paths

    - -

    3.32. -Cache Manager Debugging

    - -

    3.33. -Windows Logon Caching vs. Kerberos Logons

    - -

    3.34. -Initial Server Preferences

    - -

    3.35. -File Timestamps

    - -

    3.36. -Windows RPC client support must be installed

    - -

    3.37. -Generating Minidumps of the OpenAFS Client Service

    - -

    3.38. -AFS Client Universally Unique Identifiers (UUIDs) vs. System Cloning

    - -

    3.39. -Delayed Write Errors with Microsoft Office Applications

    - -

    3.40. -Global Drives (aka Service Drive Letters) are no longer supported by Microsoft

    - -

    3.41. -64-bit Microsoft Windows Installations

    - -

    3.42. -Known Issues with Microsoft Windows Vista

    - -

    3.43. -New AFS Share Name Syntax Provides Direct Access to Volumes

    - -

    3.44. -Differences between Windows and UNIX “fs examine”

    - -

    3.45. -Literal evaluation of AFS objects via fs commands

    - -

    3.46. -Out of Quota errors

    +

    LOGONOPTIONS

    -

    4. -How to Debug Problems with OpenAFS for Windows

    - -

    4.1. -pioctl debugging (IoctlDebug registry key)

    - -

    4.2. -afsd_service initialization log (%WinDir%\TEMP\afsd_init.log)

    - -

    4.3. -afsd_service debug logs (fs trace {-on, -off, -dump} -->%WinDir%\TEMP\afsd.log)

    - -

    4.4. -Using SysInternal’s DbgView and ProcMon or FileMon Tools

    - -

    4.5. -Microsoft MiniDumps  (fs minidump -> -%WinDir%\TEMP\afsd.dmp)

    - -

    4.6. -Single Sign-on (Integrated Logon) debugging

    - -

    4.7. -RX (AFS RPC) debugging (rxdebug)

    - -

    4.8. -Cache Manager debugging (cmdebug)

    - -

    4.9. -Persistent Cache consistency check

    - -

    4.10. -Token Acquisition Debugging

    +

    MOUNTROOT

    -

    5. -Reporting Bugs

    +

    NETBIOSNAME

    -

    6. -How to Contribute to the Development of OpenAFS for Windows

    - -

    6.1. -The USENIX OpenAFS Fund

    - -

    6.2. -Secure Endpoints Inc.

    - -

    6.3. -Direct contributions of code and/or documentation

    - -

    6.4. -OpenAFS for Windows Mailing ListsNOFINDLANABYNAME

    -

    7. -MSI Deployment Guide

    - -

    7.1. -Introduction

    - -

    7.1.1 -Requirements

    - -

    7.1.2 -Authoring a Transform

    - -

    7.2. -Configuration Options

    - -

    7.2.1 -Configurable Properties

    - -

    7.2.1.1 -Setting Properties

    - -

    7.2.1.2 -OpenAFS for Windows Properties

    - -

    (Service -parameters):

    - -

    (Network -provider):

    - -

    (OpenAFS -Client):

    - -

    7.2.1.2.1 -Registry Properties

    - -

    AFSCACHEPATH

    - -

    AFSCACHESIZE

    - -

    AFSCELLNAME

    - -

    FREELANCEMODE

    - -

    HIDEDOTFILES

    - -

    LOGONOPTIONS

    - -

    MOUNTROOT

    - -

    NETBIOSNAME

    - -

    NOFINDLANABYNAME

    - -

    RXMAXMTU

    - -

    SECURITYLEVEL

    - -

    SMBAUTHTYPE

    - -

    STOREANSIFILENAMES

    - -

    USEDNS

    - -

    7.2.1.2.2 -AFSCreds.exe Properties

    - -

    CREDSSTARTUP

    - -

    CREDSAUTOINIT

    - -

    CREDSIPCHDET

    - -

    CREDSQUIET

    - -

    CREDSRENEWDRMAP

    - -

    CREDSSHOW

    - -

    7.2.2 -Existing Registry Entries

    - -

    7.2.3 -Replacing Configuration Files

    - -

    7.2.3.1 -Components for Configuration Files

    - -

    7.2.4 -Adding Domain Specific Registry Keys

    - -

    7.2.5 -Adding Site Specific Freelance Registry Keys

    - -

    7.3 -Additional Resources

    - -

    7.4. -Upgrades

    +

    RXMAXMTU

    -

    Appendix -A: Registry Values

    - -

    A.1. -Service parameters

    - -

    Regkey: -[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters]

    - -

    Value: -LANadapter

    - -

    Value: -CacheSize

    - -

    Value: -ChunkSize

    - -

    Value: -Daemons

    - -

    Value: -ServerThreads

    - -

    Value: -Stats

    - -

    Value: -LogoffPreserveTokens

    - -

    Value: -RootVolume

    - -

    Value: -MountRoot

    - -

    Value: -CachePath

    - -

    Value: -NonPersistentCaching

    - -

    Value: -ValidateCache

    - -

    Value: -TrapOnPanic

    - -

    Value: -NetbiosName

    - -

    Value: -IsGateway

    - -

    Value: -ReportSessionStartups

    - -

    Value: -TraceBufferSize

    - -

    Value: -SysName

    - -

    Value: -SecurityLevel

    - -

    Value: -UseDNS

    - -

    Value: -FreelanceClient

    - -

    Value: -HideDotFiles

    - -

    Value: -MaxMpxRequests

    - -

    Value: -MaxVCPerServer

    - -

    Value: -Cell

    - -

    Value: -RxNoJumbo

    - -

    Value: -RxMaxMTU

    - -

    Value: -ConnDeadTimeout

    - -

    Value: -HardDeadTimeout

    - -

    Value: -TraceOption

    - -

    Value: -AllSubmount

    - -

    Value: -NoFindLanaByName

    - -

    Value: -MaxCPUs

    - -

    Value: -smbAuthType

    - -

    Value: -MaxLogSize

    - -

    Value: -FlushOnHibernate

    - -

    Value: -daemonCheckDownInterval

    - -

    Value: -daemonCheckUpInterval

    - -

    Value: -daemonCheckVolInterval

    - -

    Value: -daemonCheckCBInterval

    - -

    Value: -daemonCheckLockInterval

    - -

    Value: -daemonCheckTokenInterval

    - -

    Value: -daemonCheckOfflineVolInterval

    - -

    Value: -CallBackPort

    - -

    Value: -EnableServerLocks

    - -

    Value: -DeleteReadOnly

    - -

    Value: -BPlusTrees

    - -

    Value: -PrefetchExecutableExtensions

    - -

    Value: -OfflineReadOnlyIsValid

    - -

    Value: -GiveUpAllCallBacks

    - -

    Value: -FollowBackupPath

    - -

    Regkey: -[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters\GlobalAutoMapper]

    - -

    Value: -<Drive Letter:> for example "G:"

    - -

    Regkey: -[HKLM\SOFTWARE\OpenAFS\Client]

    - -

    Value: -CellServDBDir

    - -

    Value: -VerifyServiceSignature

    - -

    Value: -IoctlDebug

    - -

    Value: -MiniDumpType

    - -

    Value: -EnableSMBAsyncStore

    - -

    Value: -SMBAsyncStoreSize

    - -

    Value: -StoreAnsiFilenames

    - -

    Regkey: -[HKLM\SOFTWARE\OpenAFS\Client\CSCPolicy]

    - -

    Value: -"smb/cifs share name"

    - -

    Regkey: -[HKLM\SOFTWARE\OpenAFS\Client\Freelance]

    - -

    Value: -"numeric value"

    - -

    Regkey: -[HKLM\SOFTWARE\OpenAFS\Client\Freelance\Symlinks]

    - -

    Value: -"numeric value"

    - -

    Regkey: -[HKLM\SOFTWARE\OpenAFS\Client\Realms]

    - -

    Regkey: -[HKLM\SOFTWARE\OpenAFS\Client\Realms”Realm -Name”]

    - -

    Value: -AFSEnabled

    - -

    Regkey: -[HKLM\SOFTWARE\OpenAFS\Client\Realms”Realm -Name””Cell Name”]

    - -

    Value: -MethodName

    - -

    Value: -Realm

    - -

    Regkey: -[HKLM\SOFTWARE\OpenAFS\Client\Submounts]

    - -

    Value: -"submount name"

    - -

    Regkey: -[HKLM\SOFTWARE\OpenAFS\Client\Server Preferences\VLDB]

    - -

    Value: -"hostname or ip address"

    - -

    Regkey: -[HKLM\SOFTWARE\OpenAFS\Client\Server Preferences\File]

    - -

    Value: -"hostname or ip address"

    - -

    A.2. -Integrated Logon Network provider parameters

    - -

    Regkey: -[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters]

    - -

    Value: -FailLoginsSilently

    - -

    Regkey: -[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider]

    - -

    Value: -NoWarnings

    - -

    Value: -AuthentProviderPath

    - -

    Value: -Class

    - -

    Value: -DependOnGroup

    - -

    Value: -DependOnService

    - -

    Value: -Name

    - -

    Value: -ProviderPath

    - -

    A.2.1 -Domain specific configuration keys for the Network Provider

    - -

    [HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider]

    - -

    [HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain]

    - -

    [HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain"domain -name"]

    - -

    [HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain\LOCALHOST]

    - -

    Example:

    - -

    A.2.1.1 -Domain specific configuration values

    - -

    [HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider] +

    SECURITYLEVEL

    + +

    SMBAUTHTYPE

    + +

    STOREANSIFILENAMES

    + +

    USEDNS

    + +

    7.2.1.2.2 AFSCreds.exe Properties

    + +

    CREDSSTARTUP

    + +

    CREDSAUTOINIT

    + +

    CREDSIPCHDET

    + +

    CREDSQUIET

    + +

    CREDSRENEWDRMAP

    + +

    CREDSSHOW

    + +

    7.2.2 Existing Registry Entries

    + +

    7.2.3 Replacing Configuration Files

    + +

    7.2.3.1 Components for Configuration Files

    + +

    7.2.4 Adding Domain Specific Registry Keys

    + +

    7.2.5 Adding Site Specific Freelance Registry Keys

    + +

    7.3 Additional Resources

    + +

    7.4. Upgrades

    + +

    Appendix A: Registry Values

    + +

    A.1. Service parameters

    + +

    Regkey: +[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters]

    + +

    Value: LANadapter

    + +

    Value: CacheSize

    + +

    Value: ChunkSize

    + +

    Value: Daemons

    + +

    Value: ServerThreads

    + +

    Value: Stats

    + +

    Value: LogoffPreserveTokens

    + +

    Value: RootVolume

    + +

    Value: MountRoot

    + +

    Value: CachePath

    + +

    Value: NonPersistentCaching

    + +

    Value: ValidateCache

    + +

    Value: TrapOnPanic

    + +

    Value: NetbiosName

    + +

    Value: IsGateway

    + +

    Value: ReportSessionStartups

    + +

    Value: TraceBufferSize

    + +

    Value: SysName

    + +

    Value: SecurityLevel

    + +

    Value: UseDNS

    + +

    Value: FreelanceClient

    + +

    Value: HideDotFiles

    + +

    Value: MaxMpxRequests

    + +

    Value: MaxVCPerServer

    + +

    Value: Cell

    + +

    Value: RxNoJumbo

    + +

    Value: RxMaxMTU

    + +

    Value: ConnDeadTimeout

    + +

    Value: HardDeadTimeout

    + +

    Value: TraceOption

    + +

    Value: AllSubmount

    + +

    Value: NoFindLanaByName

    + +

    Value: MaxCPUs

    + +

    Value: smbAuthType

    + +

    Value: MaxLogSize

    + +

    Value: FlushOnHibernate

    + +

    Value: daemonCheckDownInterval

    + +

    Value: daemonCheckUpInterval

    + +

    Value: daemonCheckVolInterval

    + +

    Value: daemonCheckCBInterval

    + +

    Value: daemonCheckLockInterval

    + +

    Value: daemonCheckTokenInterval

    + +

    Value: daemonCheckOfflineVolInterval

    + +

    Value: CallBackPort

    + +

    Value: EnableServerLocks

    + +

    Value: DeleteReadOnly

    + +

    Value: BPlusTrees

    + +

    Value: PrefetchExecutableExtensions

    + +

    Value: OfflineReadOnlyIsValid

    + +

    Value: GiveUpAllCallBacks

    + +

    Value: FollowBackupPath

    + +

    Regkey: +[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters\GlobalAutoMapper]

    + +

    Value: <Drive Letter:> for example "G:"

    + +

    Regkey: [HKLM\SOFTWARE\OpenAFS\Client]

    + +

    Value: CellServDBDir

    + +

    Value: VerifyServiceSignature

    + +

    Value: IoctlDebug

    + +

    Value: MiniDumpType

    + +

    Value: EnableSMBAsyncStore

    + +

    Value: SMBAsyncStoreSize

    + +

    Value: StoreAnsiFilenames

    + +

    Regkey: [HKLM\SOFTWARE\OpenAFS\Client\CSCPolicy]

    + +

    Value: "smb/cifs share name"

    + +

    Regkey: [HKLM\SOFTWARE\OpenAFS\Client\Freelance]

    + +

    Value: "numeric value"

    + +

    Regkey: [HKLM\SOFTWARE\OpenAFS\Client\Freelance\Symlinks]

    + +

    Value: "numeric value"

    + +

    Regkey: [HKLM\SOFTWARE\OpenAFS\Client\Realms]

    + +

    Regkey: [HKLM\SOFTWARE\OpenAFS\Client\Realms”Realm Name”]

    + +

    Value: AFSEnabled

    + +

    Regkey: [HKLM\SOFTWARE\OpenAFS\Client\Realms”Realm Name””Cell Name”]

    + +

    Value: MethodName

    + +

    Value: Realm

    + +

    Regkey: [HKLM\SOFTWARE\OpenAFS\Client\Submounts]

    + +

    Value: "submount name"

    + +

    Regkey: [HKLM\SOFTWARE\OpenAFS\Client\Server +Preferences\VLDB]

    + +

    Value: "hostname or ip address"

    + +

    Regkey: [HKLM\SOFTWARE\OpenAFS\Client\Server +Preferences\File]

    + +

    Value: "hostname or ip address"

    + +

    A.2. Integrated Logon Network provider parameters

    + +

    Regkey: +[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters]

    + +

    Value: FailLoginsSilently

    + +

    Regkey: +[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider]

    + +

    Value: NoWarnings

    + +

    Value: AuthentProviderPath

    + +

    Value: Class

    + +

    Value: DependOnGroup

    + +

    Value: DependOnService

    + +

    Value: Name

    + +

    Value: ProviderPath

    + +

    A.2.1 Domain specific configuration keys for the Network Provider

    + +

    [HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider]

    + +

    [HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain]

    + +

    [HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain"domain +name"]

    + +

    [HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain\LOCALHOST]

    + +

    Example:

    + +

    A.2.1.1 Domain specific configuration values

    + +

    [HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain] [HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain"domain -name"] -[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain\LOCALHOST]

    - -

    Value: -LogonOptions

    - -

    Value: -FailLoginsSilentl

    - -

    Value: -LogonScript

    - -

    Value: -LoginRetryInterval

    - -

    Value: -LoginSleepInterval

    - -

    Value: -Realm

    - -

    Value: -TheseCells

    - -

    A.2.1.2 -Selection of effective values for domain specific configuration

    - -

    A.2.1.3 -Exceptions to A.2.1.2

    - -

    2.1.3.1 -'FailLoginsSilently'

    - -

    2.1.3.2 -'LogonScript'

    - -

    A.3. -AFS Credentials System Tray Tool parameters

    - -

    Regkey: -[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters]

    - -

    Value: -Gateway

    - -

    Value: -Cell

    - -

    Regkey: -[HKLM\SOFTWARE\OpenAFS\Client] [HKCU\SOFTWARE\OpenAFS\Client]

    - -

    Value: -ShowTrayIcon

    - -

    Value: -EnableKFW

    - -

    Value: -AcceptDottedPrincipalNames

    - -

    Value: -Use524

    - -

    Value: -AfscredsShortcutParams

    - -

    Regkey: -[HKCU\SOFTWARE\OpenAFS\Client]

    - -

    Value: -Authentication Cell

    - -

    Regkey: -[HKCU\SOFTWARE\OpenAFS\Client\Reminders]

    - -

    Value: -"afs cell name"

    - -

    Regkey: -[HKCU\SOFTWARE\OpenAFS\Client\Active Maps]

    - -

    Value: -"upper case drive letter"

    - -

    Regkey: -[HKCU\SOFTWARE\OpenAFS\Client\Mappings]

    - -

    Value: -"upper case drive letter"

    - -

    + +

    Value: LogonOptions

    + +

    Value: FailLoginsSilentl

    + +

    Value: LogonScript

    + +

    Value: LoginRetryInterval

    + +

    Value: LoginSleepInterval

    + +

    Value: Realm

    + +

    Value: TheseCells

    + +

    A.2.1.2 Selection of effective values for domain specific +configuration

    + +

    A.2.1.3 Exceptions to A.2.1.2

    + +

    2.1.3.1 'FailLoginsSilently'

    + +

    2.1.3.2 'LogonScript'

    + +

    A.3. AFS Credentials System Tray Tool parameters

    + +

    Regkey: +[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters]

    + +

    Value: Gateway

    + +

    Value: Cell

    + +

    Regkey: [HKLM\SOFTWARE\OpenAFS\Client] +[HKCU\SOFTWARE\OpenAFS\Client]

    + +

    Value: ShowTrayIcon

    + +

    Value: EnableKFW

    + +

    Value: AcceptDottedPrincipalNames

    + +

    Value: Use524

    + +

    Value: AfscredsShortcutParams

    + +

    Regkey: [HKCU\SOFTWARE\OpenAFS\Client]

    + +

    Value: Authentication Cell

    + +

    Regkey: [HKCU\SOFTWARE\OpenAFS\Client\Reminders]

    + +

    Value: "afs cell name"

    + +

    Regkey: [HKCU\SOFTWARE\OpenAFS\Client\Active Maps]

    + +

    Value: "upper case drive letter"

    + +

    Regkey: [HKCU\SOFTWARE\OpenAFS\Client\Mappings]

    + +

    Value: "upper case drive letter"

    + +

    A.4 OpenAFS Client Service Environment -Variables

    - -

    Variable: -AFS_RPC_ENCRYPT

    - -

    Variable: -AFS_RPC_PROTSEQ

    +Variables

    -

     

    +

    Variable: AFS_RPC_ENCRYPT

    - +

    Variable: AFS_RPC_PROTSEQ

    + +

     

     

    diff --git a/src/WINNT/doc/install/Documentation/en_US/html/index.htm b/src/WINNT/doc/install/Documentation/en_US/html/index.htm index 87ee757df..fa34710f2 100755 --- a/src/WINNT/doc/install/Documentation/en_US/html/index.htm +++ b/src/WINNT/doc/install/Documentation/en_US/html/index.htm @@ -57,7 +57,7 @@ p

    OpenAFS for Windows

    -

    Version 1.5.54

    +

    Version 1.5.55

     

    @@ -78,7 +78,7 @@ revised documentation to replace it at the current time.

    ·         OpenAFS for Windows 1.5.54 +href="ReleaseNotes/relnotes-frames.htm">OpenAFS for Windows 1.5.55 Release Notes

    -- 2.39.5