openafs/doc/txt/winnotes/registry.txt

484 lines
12 KiB
Plaintext
Raw Normal View History

skyrope-mit-merge-hell-20040226 From Skyrope: The Skyrope work attempted to improve on the end user experience of using OpenAFS in the following ways: * Obtain tokens using renewable Kerberos 5 tickets in order to reduce the need for end users to renew expired tokens * Monitor the list of IP Addresses in order to detect changes in the network configuration which might affect the reachability of cells or the state of the AFS Client Service. When cells are newly reachable, obtain tokens for the cells. If the AFS Client Service is not running, start it. If tokens are expiring attempt to renew them. * Use KDC probes to detect the accessibility of realms/cells. If the KDC is not reachable, do not prompt the end user for a username and password. (fs probe is not implemented on windows) * Automatically obtain tokens using the Windows Logon Session Kerberos credentials (if available) * Allow tokens for multiple cells to be obtained by using the same Kerberos 5 tickets. (no UI yet implemented) * Perform drive mapping persistance by tracking it within the afsdsbmt.ini file instead of relying on the Windows Shell to persist the state. * Add new afscreds.exe command line options and change the default set used when creating the "AFS Credentials" shortcut in the Start Menu->Programs->Startup folder. From MIT: * Auto-detection of loopback adapters. Use "AFS" as the netbios name when a loopback adapter is installed. * Support for responding to power management events. Used to flush the cache when the machine is about to suspend, hibernate, or shutdown * Documentation of Registry entries * Support for Extended SMB Requests * Beginning of support for true Event Log reporting from a message database * Hidden Dot File support (configured via the HideDotFiles registry option) * Configurable Max number of Multiplexed Sessions (MaxMpxRequests registry option) * Configurable Max MTU size (RxMaxMTU registry option) * Configurable Jumbogram support (RxNoJumbo registry option) * Configurable Max number of Virtual Connections per Server (MaxVCPerServer registry option) * Win32 DNS API support * Addition of SMB_ATTR_xxxx defines for use instead of hex numbers * A variety of heap access and resource deallocation errors corrected in the SMB code * Support for recursive directory creation * Modifications to the en_US version of the client configuration dialog (need to port to other languages) Notes on the current check-in: * The KfW code will always be used when installed on the machine. This code only supports Krb5 and will not work with Krb4 only realms. A registry flag indicating whether or not KfW should be used if found needs to be added. * afscreds.exe needs to have a registry entry created to control the parameter list it should be started with. There should be a dialog to control this in the installer and within afscreds.exe * The MIT method of auto-assigning the mount-root and the netbios name is in conflict with the morgan stanley submissions in some parts of the code. If you are using the loopback adapter with this code both the "NetbiosName" = "AFS" and "Mountroot" = "/afs" registry options must be specified. This will be fixed in coming days.
2004-02-26 19:22:35 +00:00
Registry keys and Environment Variables used in the Windows AFS Client
----------------------------------------------------------------------
skyrope-mit-merge-hell-20040226 From Skyrope: The Skyrope work attempted to improve on the end user experience of using OpenAFS in the following ways: * Obtain tokens using renewable Kerberos 5 tickets in order to reduce the need for end users to renew expired tokens * Monitor the list of IP Addresses in order to detect changes in the network configuration which might affect the reachability of cells or the state of the AFS Client Service. When cells are newly reachable, obtain tokens for the cells. If the AFS Client Service is not running, start it. If tokens are expiring attempt to renew them. * Use KDC probes to detect the accessibility of realms/cells. If the KDC is not reachable, do not prompt the end user for a username and password. (fs probe is not implemented on windows) * Automatically obtain tokens using the Windows Logon Session Kerberos credentials (if available) * Allow tokens for multiple cells to be obtained by using the same Kerberos 5 tickets. (no UI yet implemented) * Perform drive mapping persistance by tracking it within the afsdsbmt.ini file instead of relying on the Windows Shell to persist the state. * Add new afscreds.exe command line options and change the default set used when creating the "AFS Credentials" shortcut in the Start Menu->Programs->Startup folder. From MIT: * Auto-detection of loopback adapters. Use "AFS" as the netbios name when a loopback adapter is installed. * Support for responding to power management events. Used to flush the cache when the machine is about to suspend, hibernate, or shutdown * Documentation of Registry entries * Support for Extended SMB Requests * Beginning of support for true Event Log reporting from a message database * Hidden Dot File support (configured via the HideDotFiles registry option) * Configurable Max number of Multiplexed Sessions (MaxMpxRequests registry option) * Configurable Max MTU size (RxMaxMTU registry option) * Configurable Jumbogram support (RxNoJumbo registry option) * Configurable Max number of Virtual Connections per Server (MaxVCPerServer registry option) * Win32 DNS API support * Addition of SMB_ATTR_xxxx defines for use instead of hex numbers * A variety of heap access and resource deallocation errors corrected in the SMB code * Support for recursive directory creation * Modifications to the en_US version of the client configuration dialog (need to port to other languages) Notes on the current check-in: * The KfW code will always be used when installed on the machine. This code only supports Krb5 and will not work with Krb4 only realms. A registry flag indicating whether or not KfW should be used if found needs to be added. * afscreds.exe needs to have a registry entry created to control the parameter list it should be started with. There should be a dialog to control this in the installer and within afscreds.exe * The MIT method of auto-assigning the mount-root and the netbios name is in conflict with the morgan stanley submissions in some parts of the code. If you are using the loopback adapter with this code both the "NetbiosName" = "AFS" and "Mountroot" = "/afs" registry options must be specified. This will be fixed in coming days.
2004-02-26 19:22:35 +00:00
REGISTRY KEYS:
skyrope-mit-merge-hell-20040226 From Skyrope: The Skyrope work attempted to improve on the end user experience of using OpenAFS in the following ways: * Obtain tokens using renewable Kerberos 5 tickets in order to reduce the need for end users to renew expired tokens * Monitor the list of IP Addresses in order to detect changes in the network configuration which might affect the reachability of cells or the state of the AFS Client Service. When cells are newly reachable, obtain tokens for the cells. If the AFS Client Service is not running, start it. If tokens are expiring attempt to renew them. * Use KDC probes to detect the accessibility of realms/cells. If the KDC is not reachable, do not prompt the end user for a username and password. (fs probe is not implemented on windows) * Automatically obtain tokens using the Windows Logon Session Kerberos credentials (if available) * Allow tokens for multiple cells to be obtained by using the same Kerberos 5 tickets. (no UI yet implemented) * Perform drive mapping persistance by tracking it within the afsdsbmt.ini file instead of relying on the Windows Shell to persist the state. * Add new afscreds.exe command line options and change the default set used when creating the "AFS Credentials" shortcut in the Start Menu->Programs->Startup folder. From MIT: * Auto-detection of loopback adapters. Use "AFS" as the netbios name when a loopback adapter is installed. * Support for responding to power management events. Used to flush the cache when the machine is about to suspend, hibernate, or shutdown * Documentation of Registry entries * Support for Extended SMB Requests * Beginning of support for true Event Log reporting from a message database * Hidden Dot File support (configured via the HideDotFiles registry option) * Configurable Max number of Multiplexed Sessions (MaxMpxRequests registry option) * Configurable Max MTU size (RxMaxMTU registry option) * Configurable Jumbogram support (RxNoJumbo registry option) * Configurable Max number of Virtual Connections per Server (MaxVCPerServer registry option) * Win32 DNS API support * Addition of SMB_ATTR_xxxx defines for use instead of hex numbers * A variety of heap access and resource deallocation errors corrected in the SMB code * Support for recursive directory creation * Modifications to the en_US version of the client configuration dialog (need to port to other languages) Notes on the current check-in: * The KfW code will always be used when installed on the machine. This code only supports Krb5 and will not work with Krb4 only realms. A registry flag indicating whether or not KfW should be used if found needs to be added. * afscreds.exe needs to have a registry entry created to control the parameter list it should be started with. There should be a dialog to control this in the installer and within afscreds.exe * The MIT method of auto-assigning the mount-root and the netbios name is in conflict with the morgan stanley submissions in some parts of the code. If you are using the loopback adapter with this code both the "NetbiosName" = "AFS" and "Mountroot" = "/afs" registry options must be specified. This will be fixed in coming days.
2004-02-26 19:22:35 +00:00
1. Service parameters
---------------------
The service parameters primarily affect the behavior of the AFS client
service (afsd_service.exe).
Regkey:
[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters]
Value : LANadapter
Type : DWORD
Default : -1
Variable: LANadapter
LAN adapter number to use. This is the lana number of the LAN
adapter that the SMB server should bind to. If unspecified or set
to -1, a LAN adapter with named 'AFS' or a loopback adapter will be
selected. If neither are present, then all available adapters will
be bound to. When binding to a non-loopback adapter, the NetBIOS
name '%hostname%-AFS' will be used (where %hostname% is the NetBIOS
name of the host truncated to 11 characters). Otherwise, the NetBIOS
name will be 'AFS'.
Value : CacheSize
Type : QWORD
Default : 20480 (CM_CONFIGDEFAULT_CACHESIZE)
Variable: cm_initParams.cacheSize
Size of the AFS cache.
Value : ChunkSize
Type : DWORD
Default : 15 (CM_CONFIGDEFAULT_CHUNKSIZE)
Variable: cm_logChunkSize (cm_chunkSize = 1 << cm_logChunkSize)
Size of chunk for reading and writing. Actual chunk size is 2^cm_logChunkSize.
Value : Daemons
Type : DWORD
Default : 2 (CM_CONFIGDEFAULT_DAEMONS)
Variable: numBkgD
Number of background daemons (number of threads of
cm_BkgDaemon). (see cm_BkgDaemon in cm_daemon.c)
Value : ServerThreads
Type : DWORD
Default : 4 (CM_CONFIGDEFAULT_SVTHREADS)
Variable: numSvThreads
Number of SMB server threads (number of threads of smb_Server). (see
smb_Server in smb.c).
Value : Stats
Type : QWORD
Default : 1000 (CM_CONFIGDEFAULT_STATS)
Variable: cm_initParams.nStatCaches
Cache configuration.
Value : LogoffTokenTransfer
Type : DWORD {1,0}
Default : 1
Variable: smb_LogoffTokenTransfer
If enabled (set to 1), activates functionality where the user's
tokens are kept intact until smb_LogoffTokenTransferTimeout seconds
skyrope-mit-merge-hell-20040226 From Skyrope: The Skyrope work attempted to improve on the end user experience of using OpenAFS in the following ways: * Obtain tokens using renewable Kerberos 5 tickets in order to reduce the need for end users to renew expired tokens * Monitor the list of IP Addresses in order to detect changes in the network configuration which might affect the reachability of cells or the state of the AFS Client Service. When cells are newly reachable, obtain tokens for the cells. If the AFS Client Service is not running, start it. If tokens are expiring attempt to renew them. * Use KDC probes to detect the accessibility of realms/cells. If the KDC is not reachable, do not prompt the end user for a username and password. (fs probe is not implemented on windows) * Automatically obtain tokens using the Windows Logon Session Kerberos credentials (if available) * Allow tokens for multiple cells to be obtained by using the same Kerberos 5 tickets. (no UI yet implemented) * Perform drive mapping persistance by tracking it within the afsdsbmt.ini file instead of relying on the Windows Shell to persist the state. * Add new afscreds.exe command line options and change the default set used when creating the "AFS Credentials" shortcut in the Start Menu->Programs->Startup folder. From MIT: * Auto-detection of loopback adapters. Use "AFS" as the netbios name when a loopback adapter is installed. * Support for responding to power management events. Used to flush the cache when the machine is about to suspend, hibernate, or shutdown * Documentation of Registry entries * Support for Extended SMB Requests * Beginning of support for true Event Log reporting from a message database * Hidden Dot File support (configured via the HideDotFiles registry option) * Configurable Max number of Multiplexed Sessions (MaxMpxRequests registry option) * Configurable Max MTU size (RxMaxMTU registry option) * Configurable Jumbogram support (RxNoJumbo registry option) * Configurable Max number of Virtual Connections per Server (MaxVCPerServer registry option) * Win32 DNS API support * Addition of SMB_ATTR_xxxx defines for use instead of hex numbers * A variety of heap access and resource deallocation errors corrected in the SMB code * Support for recursive directory creation * Modifications to the en_US version of the client configuration dialog (need to port to other languages) Notes on the current check-in: * The KfW code will always be used when installed on the machine. This code only supports Krb5 and will not work with Krb4 only realms. A registry flag indicating whether or not KfW should be used if found needs to be added. * afscreds.exe needs to have a registry entry created to control the parameter list it should be started with. There should be a dialog to control this in the installer and within afscreds.exe * The MIT method of auto-assigning the mount-root and the netbios name is in conflict with the morgan stanley submissions in some parts of the code. If you are using the loopback adapter with this code both the "NetbiosName" = "AFS" and "Mountroot" = "/afs" registry options must be specified. This will be fixed in coming days.
2004-02-26 19:22:35 +00:00
elapse after user logs off. If roaming profiles are used and the
roaming profile takes a long time to be written back, this ensures
that the tokens remain valid until the profile save is complete.
Value : LogoffTokenTransferTimeout
Type : QWORD
Default : 10
Variable: smb_LogoffTokenTransferTimeout
See LogoffTokenTransfer above.
Value : RootVolume
Type : REG_SZ
Default : "root.afs"
Variable: cm_rootVolumeName
Root volume name.
Value : Mountroot
Type : REG_SZ
Default : "/afs"
Variable: cm_mountRoot
Name of root mount point. In symlinks, if a path starts with
cm_mountRoot, it is assumed that the path is absolute (as opposed to
relative) and is adjusted accordingly. Eg: if a path is specified as
/afs/athena.mit.edu/foo/bar/baz and cm_mountRoot is "/afs", then the
path is interpreted as \\afs\all\athena.mit.edu\foo\bar\baz. If a
path does not start with with cm_mountRoot, the path is assumed to
be relative and suffixed to the reference directory (i.e. directory
where the symlink exists)
Value : CachePath
Type : REG_SZ
Default : "\AFSCache"
Variable: cm_CachePath
Location of on-disk cache file. The default implies the root
directory of the boot disk
skyrope-mit-merge-hell-20040226 From Skyrope: The Skyrope work attempted to improve on the end user experience of using OpenAFS in the following ways: * Obtain tokens using renewable Kerberos 5 tickets in order to reduce the need for end users to renew expired tokens * Monitor the list of IP Addresses in order to detect changes in the network configuration which might affect the reachability of cells or the state of the AFS Client Service. When cells are newly reachable, obtain tokens for the cells. If the AFS Client Service is not running, start it. If tokens are expiring attempt to renew them. * Use KDC probes to detect the accessibility of realms/cells. If the KDC is not reachable, do not prompt the end user for a username and password. (fs probe is not implemented on windows) * Automatically obtain tokens using the Windows Logon Session Kerberos credentials (if available) * Allow tokens for multiple cells to be obtained by using the same Kerberos 5 tickets. (no UI yet implemented) * Perform drive mapping persistance by tracking it within the afsdsbmt.ini file instead of relying on the Windows Shell to persist the state. * Add new afscreds.exe command line options and change the default set used when creating the "AFS Credentials" shortcut in the Start Menu->Programs->Startup folder. From MIT: * Auto-detection of loopback adapters. Use "AFS" as the netbios name when a loopback adapter is installed. * Support for responding to power management events. Used to flush the cache when the machine is about to suspend, hibernate, or shutdown * Documentation of Registry entries * Support for Extended SMB Requests * Beginning of support for true Event Log reporting from a message database * Hidden Dot File support (configured via the HideDotFiles registry option) * Configurable Max number of Multiplexed Sessions (MaxMpxRequests registry option) * Configurable Max MTU size (RxMaxMTU registry option) * Configurable Jumbogram support (RxNoJumbo registry option) * Configurable Max number of Virtual Connections per Server (MaxVCPerServer registry option) * Win32 DNS API support * Addition of SMB_ATTR_xxxx defines for use instead of hex numbers * A variety of heap access and resource deallocation errors corrected in the SMB code * Support for recursive directory creation * Modifications to the en_US version of the client configuration dialog (need to port to other languages) Notes on the current check-in: * The KfW code will always be used when installed on the machine. This code only supports Krb5 and will not work with Krb4 only realms. A registry flag indicating whether or not KfW should be used if found needs to be added. * afscreds.exe needs to have a registry entry created to control the parameter list it should be started with. There should be a dialog to control this in the installer and within afscreds.exe * The MIT method of auto-assigning the mount-root and the netbios name is in conflict with the morgan stanley submissions in some parts of the code. If you are using the loopback adapter with this code both the "NetbiosName" = "AFS" and "Mountroot" = "/afs" registry options must be specified. This will be fixed in coming days.
2004-02-26 19:22:35 +00:00
Value : TrapOnPanic
Type : DWORD {1,0}
Default : 0
Variable: traceOnPanic
Issues a breakpoint in the event of a panic. (breakpoint: _asm int 3).
Value : NetbiosName
Type : REG_EXPAND_SZ
Default : "AFS"
Variable: cm_NetbiosName
Specifies the NetBIOS name to be used when binding to a Loopback
adapter. To provide the old behavior specify a value of
"%COMPUTERNAME%-AFS"
skyrope-mit-merge-hell-20040226 From Skyrope: The Skyrope work attempted to improve on the end user experience of using OpenAFS in the following ways: * Obtain tokens using renewable Kerberos 5 tickets in order to reduce the need for end users to renew expired tokens * Monitor the list of IP Addresses in order to detect changes in the network configuration which might affect the reachability of cells or the state of the AFS Client Service. When cells are newly reachable, obtain tokens for the cells. If the AFS Client Service is not running, start it. If tokens are expiring attempt to renew them. * Use KDC probes to detect the accessibility of realms/cells. If the KDC is not reachable, do not prompt the end user for a username and password. (fs probe is not implemented on windows) * Automatically obtain tokens using the Windows Logon Session Kerberos credentials (if available) * Allow tokens for multiple cells to be obtained by using the same Kerberos 5 tickets. (no UI yet implemented) * Perform drive mapping persistance by tracking it within the afsdsbmt.ini file instead of relying on the Windows Shell to persist the state. * Add new afscreds.exe command line options and change the default set used when creating the "AFS Credentials" shortcut in the Start Menu->Programs->Startup folder. From MIT: * Auto-detection of loopback adapters. Use "AFS" as the netbios name when a loopback adapter is installed. * Support for responding to power management events. Used to flush the cache when the machine is about to suspend, hibernate, or shutdown * Documentation of Registry entries * Support for Extended SMB Requests * Beginning of support for true Event Log reporting from a message database * Hidden Dot File support (configured via the HideDotFiles registry option) * Configurable Max number of Multiplexed Sessions (MaxMpxRequests registry option) * Configurable Max MTU size (RxMaxMTU registry option) * Configurable Jumbogram support (RxNoJumbo registry option) * Configurable Max number of Virtual Connections per Server (MaxVCPerServer registry option) * Win32 DNS API support * Addition of SMB_ATTR_xxxx defines for use instead of hex numbers * A variety of heap access and resource deallocation errors corrected in the SMB code * Support for recursive directory creation * Modifications to the en_US version of the client configuration dialog (need to port to other languages) Notes on the current check-in: * The KfW code will always be used when installed on the machine. This code only supports Krb5 and will not work with Krb4 only realms. A registry flag indicating whether or not KfW should be used if found needs to be added. * afscreds.exe needs to have a registry entry created to control the parameter list it should be started with. There should be a dialog to control this in the installer and within afscreds.exe * The MIT method of auto-assigning the mount-root and the netbios name is in conflict with the morgan stanley submissions in some parts of the code. If you are using the loopback adapter with this code both the "NetbiosName" = "AFS" and "Mountroot" = "/afs" registry options must be specified. This will be fixed in coming days.
2004-02-26 19:22:35 +00:00
Value : IsGateway
Type : DWORD {1,0}
Default : 0
Variable: isGateway
Select whether or not this AFS client should act as a gateway. If
set and the NetBIOS name hostname-AFS is bound to a physical NIC,
other machines in the subnet can access AFS via SMB connections to
hostname-AFS.
When IsGateway is non-zero, the LAN adapter detection code will
avoid binding to a loopback adapter. This will ensure that the
NetBIOS name will be of the form hostname-AFS instead of the value
set by the "NetbiosName" registry value.
skyrope-mit-merge-hell-20040226 From Skyrope: The Skyrope work attempted to improve on the end user experience of using OpenAFS in the following ways: * Obtain tokens using renewable Kerberos 5 tickets in order to reduce the need for end users to renew expired tokens * Monitor the list of IP Addresses in order to detect changes in the network configuration which might affect the reachability of cells or the state of the AFS Client Service. When cells are newly reachable, obtain tokens for the cells. If the AFS Client Service is not running, start it. If tokens are expiring attempt to renew them. * Use KDC probes to detect the accessibility of realms/cells. If the KDC is not reachable, do not prompt the end user for a username and password. (fs probe is not implemented on windows) * Automatically obtain tokens using the Windows Logon Session Kerberos credentials (if available) * Allow tokens for multiple cells to be obtained by using the same Kerberos 5 tickets. (no UI yet implemented) * Perform drive mapping persistance by tracking it within the afsdsbmt.ini file instead of relying on the Windows Shell to persist the state. * Add new afscreds.exe command line options and change the default set used when creating the "AFS Credentials" shortcut in the Start Menu->Programs->Startup folder. From MIT: * Auto-detection of loopback adapters. Use "AFS" as the netbios name when a loopback adapter is installed. * Support for responding to power management events. Used to flush the cache when the machine is about to suspend, hibernate, or shutdown * Documentation of Registry entries * Support for Extended SMB Requests * Beginning of support for true Event Log reporting from a message database * Hidden Dot File support (configured via the HideDotFiles registry option) * Configurable Max number of Multiplexed Sessions (MaxMpxRequests registry option) * Configurable Max MTU size (RxMaxMTU registry option) * Configurable Jumbogram support (RxNoJumbo registry option) * Configurable Max number of Virtual Connections per Server (MaxVCPerServer registry option) * Win32 DNS API support * Addition of SMB_ATTR_xxxx defines for use instead of hex numbers * A variety of heap access and resource deallocation errors corrected in the SMB code * Support for recursive directory creation * Modifications to the en_US version of the client configuration dialog (need to port to other languages) Notes on the current check-in: * The KfW code will always be used when installed on the machine. This code only supports Krb5 and will not work with Krb4 only realms. A registry flag indicating whether or not KfW should be used if found needs to be added. * afscreds.exe needs to have a registry entry created to control the parameter list it should be started with. There should be a dialog to control this in the installer and within afscreds.exe * The MIT method of auto-assigning the mount-root and the netbios name is in conflict with the morgan stanley submissions in some parts of the code. If you are using the loopback adapter with this code both the "NetbiosName" = "AFS" and "Mountroot" = "/afs" registry options must be specified. This will be fixed in coming days.
2004-02-26 19:22:35 +00:00
Value : ReportSessionStartups
Type : DWORD {1,0}
Default : 0
Variable: reportSessionStartups
If enabled, all SMB sessions created are recorded in the Application
event log. This also enables other events such as drive mappings
or various error types to be logged.
skyrope-mit-merge-hell-20040226 From Skyrope: The Skyrope work attempted to improve on the end user experience of using OpenAFS in the following ways: * Obtain tokens using renewable Kerberos 5 tickets in order to reduce the need for end users to renew expired tokens * Monitor the list of IP Addresses in order to detect changes in the network configuration which might affect the reachability of cells or the state of the AFS Client Service. When cells are newly reachable, obtain tokens for the cells. If the AFS Client Service is not running, start it. If tokens are expiring attempt to renew them. * Use KDC probes to detect the accessibility of realms/cells. If the KDC is not reachable, do not prompt the end user for a username and password. (fs probe is not implemented on windows) * Automatically obtain tokens using the Windows Logon Session Kerberos credentials (if available) * Allow tokens for multiple cells to be obtained by using the same Kerberos 5 tickets. (no UI yet implemented) * Perform drive mapping persistance by tracking it within the afsdsbmt.ini file instead of relying on the Windows Shell to persist the state. * Add new afscreds.exe command line options and change the default set used when creating the "AFS Credentials" shortcut in the Start Menu->Programs->Startup folder. From MIT: * Auto-detection of loopback adapters. Use "AFS" as the netbios name when a loopback adapter is installed. * Support for responding to power management events. Used to flush the cache when the machine is about to suspend, hibernate, or shutdown * Documentation of Registry entries * Support for Extended SMB Requests * Beginning of support for true Event Log reporting from a message database * Hidden Dot File support (configured via the HideDotFiles registry option) * Configurable Max number of Multiplexed Sessions (MaxMpxRequests registry option) * Configurable Max MTU size (RxMaxMTU registry option) * Configurable Jumbogram support (RxNoJumbo registry option) * Configurable Max number of Virtual Connections per Server (MaxVCPerServer registry option) * Win32 DNS API support * Addition of SMB_ATTR_xxxx defines for use instead of hex numbers * A variety of heap access and resource deallocation errors corrected in the SMB code * Support for recursive directory creation * Modifications to the en_US version of the client configuration dialog (need to port to other languages) Notes on the current check-in: * The KfW code will always be used when installed on the machine. This code only supports Krb5 and will not work with Krb4 only realms. A registry flag indicating whether or not KfW should be used if found needs to be added. * afscreds.exe needs to have a registry entry created to control the parameter list it should be started with. There should be a dialog to control this in the installer and within afscreds.exe * The MIT method of auto-assigning the mount-root and the netbios name is in conflict with the morgan stanley submissions in some parts of the code. If you are using the loopback adapter with this code both the "NetbiosName" = "AFS" and "Mountroot" = "/afs" registry options must be specified. This will be fixed in coming days.
2004-02-26 19:22:35 +00:00
Value : TraceBufferSize
Type : QWORD
Default : 5000 (CM_CONFIGDEFAULT_TRACEBUFSIZE)
Variable: traceBufSize
Number of entries to keep in trace log.
Value : SysName
Type : REG_SZ
Default : "i386_nt40"
Variable: cm_sysName
Self explanatory.
Value : SecurityLevel
Type : DWORD {1,0}
Default : 0
Variable: cryptall
Enables encryption on RX calls.
Value : UseDNS
Type : DWORD {1,0}
Default : 1
Variable: cm_dnsEnabled
Enables resolving volservers using AFSDB DNS queries. (see
afsdb-freelance-notes).
As of 1.3.60, this value is ignored as the DNS query support
utilizes the Win32 DNSQuery API which is available on Win2000
and above.
skyrope-mit-merge-hell-20040226 From Skyrope: The Skyrope work attempted to improve on the end user experience of using OpenAFS in the following ways: * Obtain tokens using renewable Kerberos 5 tickets in order to reduce the need for end users to renew expired tokens * Monitor the list of IP Addresses in order to detect changes in the network configuration which might affect the reachability of cells or the state of the AFS Client Service. When cells are newly reachable, obtain tokens for the cells. If the AFS Client Service is not running, start it. If tokens are expiring attempt to renew them. * Use KDC probes to detect the accessibility of realms/cells. If the KDC is not reachable, do not prompt the end user for a username and password. (fs probe is not implemented on windows) * Automatically obtain tokens using the Windows Logon Session Kerberos credentials (if available) * Allow tokens for multiple cells to be obtained by using the same Kerberos 5 tickets. (no UI yet implemented) * Perform drive mapping persistance by tracking it within the afsdsbmt.ini file instead of relying on the Windows Shell to persist the state. * Add new afscreds.exe command line options and change the default set used when creating the "AFS Credentials" shortcut in the Start Menu->Programs->Startup folder. From MIT: * Auto-detection of loopback adapters. Use "AFS" as the netbios name when a loopback adapter is installed. * Support for responding to power management events. Used to flush the cache when the machine is about to suspend, hibernate, or shutdown * Documentation of Registry entries * Support for Extended SMB Requests * Beginning of support for true Event Log reporting from a message database * Hidden Dot File support (configured via the HideDotFiles registry option) * Configurable Max number of Multiplexed Sessions (MaxMpxRequests registry option) * Configurable Max MTU size (RxMaxMTU registry option) * Configurable Jumbogram support (RxNoJumbo registry option) * Configurable Max number of Virtual Connections per Server (MaxVCPerServer registry option) * Win32 DNS API support * Addition of SMB_ATTR_xxxx defines for use instead of hex numbers * A variety of heap access and resource deallocation errors corrected in the SMB code * Support for recursive directory creation * Modifications to the en_US version of the client configuration dialog (need to port to other languages) Notes on the current check-in: * The KfW code will always be used when installed on the machine. This code only supports Krb5 and will not work with Krb4 only realms. A registry flag indicating whether or not KfW should be used if found needs to be added. * afscreds.exe needs to have a registry entry created to control the parameter list it should be started with. There should be a dialog to control this in the installer and within afscreds.exe * The MIT method of auto-assigning the mount-root and the netbios name is in conflict with the morgan stanley submissions in some parts of the code. If you are using the loopback adapter with this code both the "NetbiosName" = "AFS" and "Mountroot" = "/afs" registry options must be specified. This will be fixed in coming days.
2004-02-26 19:22:35 +00:00
Value : FreelanceClient
Type : DWORD {1,0}
Default : 0
Variable: cm_freelanceEnabled
Enables freelance client. (see afsdb-freelance-notes)
Value : HideDotFiles
Type : DWORD {1,0}
Default : 1
Variable: smb_hideDotFiles
Enables marking dotfiles with the hidden attribute. Dot files are
files whose name starts with a period (excluding "." and "..").
Value : MaxMpxRequests
Type : DWORD
Default : 50
Variable: smb_maxMpxRequests
Maximum number of multiplexed SMB requests that can be made.
Value : MaxVCPerServer
Type : DWORD
Default : 100
Variable: smb_maxVCPerServer
Maximum number of SMB virtual circuits.
Value : Cell
Type : REG_SZ
Default : <none>
Variable: rootCellName
Name of root cell (the cell from which root.afs should be mounted in
\\afs\all).
Value : RxNoJumbo
Type : DWORD {0,1}
Default : 0
Variable: rx_nojumbo
If enabled, does not send or indicate that we are able to send or
receive RX jumbograms.
Value : RxMaxMTU
Type : DWORD
Default : -1
Variable: rx_mtu
If set to anything other than -1, uses that value as the maximum MTU
supported by the RX interface.
In order to enable OpenAFS to operate across the Cisco IPSec VPN
client, this value must be set to 1264 or smaller.
Value : ConnDeadTimeout
Type : DWORD
Default : 60 (seconds)
Variable: ConnDeadtimeout
The Connection Dead Time is enforced to be at a minimum 15 seconds
longer than the minimum SMB timeout as specified by
HKLM\SYSTEM\CurrentControlSet\Services\lanmanworkstation\parameters
SessTimeout
If the minimum SMB timeout is not specified the value is 45 seconds.
See http://support.microsoft.com:80/support/kb/articles/Q102/0/67.asp
Value : HardDeadTimeout
Type : DWORD
Default : 120 (seconds)
Variable: HardDeadtimeout
The Hard Dead Time is enforced to be at least double the ConnDeadTimeout.
The provides an opportunity for at least one retry.
Value : AllSubmount
Type : DWORD {0, 1}
Default : 1
Variable: allSubmount (smb.c)
By setting this value to 0, the "\\NetbiosName\all" mount point
will not be created. This allows the read-write versions of
root.afs to be hidden.
Value : NoFindLanaByName
Type : DWORD {0, 1}
Default : 0
Disables the attempt to identity the network adapter to use by
looking for an adapter with a display name of "AFS".
Value : MaxCPUs
Type : DWORD {1..32} or {1..64} depending on the architecture
Default : <no default>
If this value is specified, afsd_service.exe will restrict itself
to executing on the specified number of CPUs if there are a greater
number installed in the machine.
NOTE: Setting this entry to "1" may be required on hyperthreaded
systems to avoid crashes in the RX library.
Regkey:
[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters\GlobalAutoMapper]
Value : <Drive Letter:> for example "G:"
Type : SZ
Specifies the submount name to be mapped by afsd_service.exe at startup
to the provided drive letter.
Regkey:
[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider]
skyrope-mit-merge-hell-20040226 From Skyrope: The Skyrope work attempted to improve on the end user experience of using OpenAFS in the following ways: * Obtain tokens using renewable Kerberos 5 tickets in order to reduce the need for end users to renew expired tokens * Monitor the list of IP Addresses in order to detect changes in the network configuration which might affect the reachability of cells or the state of the AFS Client Service. When cells are newly reachable, obtain tokens for the cells. If the AFS Client Service is not running, start it. If tokens are expiring attempt to renew them. * Use KDC probes to detect the accessibility of realms/cells. If the KDC is not reachable, do not prompt the end user for a username and password. (fs probe is not implemented on windows) * Automatically obtain tokens using the Windows Logon Session Kerberos credentials (if available) * Allow tokens for multiple cells to be obtained by using the same Kerberos 5 tickets. (no UI yet implemented) * Perform drive mapping persistance by tracking it within the afsdsbmt.ini file instead of relying on the Windows Shell to persist the state. * Add new afscreds.exe command line options and change the default set used when creating the "AFS Credentials" shortcut in the Start Menu->Programs->Startup folder. From MIT: * Auto-detection of loopback adapters. Use "AFS" as the netbios name when a loopback adapter is installed. * Support for responding to power management events. Used to flush the cache when the machine is about to suspend, hibernate, or shutdown * Documentation of Registry entries * Support for Extended SMB Requests * Beginning of support for true Event Log reporting from a message database * Hidden Dot File support (configured via the HideDotFiles registry option) * Configurable Max number of Multiplexed Sessions (MaxMpxRequests registry option) * Configurable Max MTU size (RxMaxMTU registry option) * Configurable Jumbogram support (RxNoJumbo registry option) * Configurable Max number of Virtual Connections per Server (MaxVCPerServer registry option) * Win32 DNS API support * Addition of SMB_ATTR_xxxx defines for use instead of hex numbers * A variety of heap access and resource deallocation errors corrected in the SMB code * Support for recursive directory creation * Modifications to the en_US version of the client configuration dialog (need to port to other languages) Notes on the current check-in: * The KfW code will always be used when installed on the machine. This code only supports Krb5 and will not work with Krb4 only realms. A registry flag indicating whether or not KfW should be used if found needs to be added. * afscreds.exe needs to have a registry entry created to control the parameter list it should be started with. There should be a dialog to control this in the installer and within afscreds.exe * The MIT method of auto-assigning the mount-root and the netbios name is in conflict with the morgan stanley submissions in some parts of the code. If you are using the loopback adapter with this code both the "NetbiosName" = "AFS" and "Mountroot" = "/afs" registry options must be specified. This will be fixed in coming days.
2004-02-26 19:22:35 +00:00
2. Network provider parameters
------------------------------
Affects the network provider (aklogon.dll).
Regkey:
[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters]
Value : FailLoginsSilently
Type : DWORD
Default : 0
Do not display message boxes if the login fails.
skyrope-mit-merge-hell-20040226 From Skyrope: The Skyrope work attempted to improve on the end user experience of using OpenAFS in the following ways: * Obtain tokens using renewable Kerberos 5 tickets in order to reduce the need for end users to renew expired tokens * Monitor the list of IP Addresses in order to detect changes in the network configuration which might affect the reachability of cells or the state of the AFS Client Service. When cells are newly reachable, obtain tokens for the cells. If the AFS Client Service is not running, start it. If tokens are expiring attempt to renew them. * Use KDC probes to detect the accessibility of realms/cells. If the KDC is not reachable, do not prompt the end user for a username and password. (fs probe is not implemented on windows) * Automatically obtain tokens using the Windows Logon Session Kerberos credentials (if available) * Allow tokens for multiple cells to be obtained by using the same Kerberos 5 tickets. (no UI yet implemented) * Perform drive mapping persistance by tracking it within the afsdsbmt.ini file instead of relying on the Windows Shell to persist the state. * Add new afscreds.exe command line options and change the default set used when creating the "AFS Credentials" shortcut in the Start Menu->Programs->Startup folder. From MIT: * Auto-detection of loopback adapters. Use "AFS" as the netbios name when a loopback adapter is installed. * Support for responding to power management events. Used to flush the cache when the machine is about to suspend, hibernate, or shutdown * Documentation of Registry entries * Support for Extended SMB Requests * Beginning of support for true Event Log reporting from a message database * Hidden Dot File support (configured via the HideDotFiles registry option) * Configurable Max number of Multiplexed Sessions (MaxMpxRequests registry option) * Configurable Max MTU size (RxMaxMTU registry option) * Configurable Jumbogram support (RxNoJumbo registry option) * Configurable Max number of Virtual Connections per Server (MaxVCPerServer registry option) * Win32 DNS API support * Addition of SMB_ATTR_xxxx defines for use instead of hex numbers * A variety of heap access and resource deallocation errors corrected in the SMB code * Support for recursive directory creation * Modifications to the en_US version of the client configuration dialog (need to port to other languages) Notes on the current check-in: * The KfW code will always be used when installed on the machine. This code only supports Krb5 and will not work with Krb4 only realms. A registry flag indicating whether or not KfW should be used if found needs to be added. * afscreds.exe needs to have a registry entry created to control the parameter list it should be started with. There should be a dialog to control this in the installer and within afscreds.exe * The MIT method of auto-assigning the mount-root and the netbios name is in conflict with the morgan stanley submissions in some parts of the code. If you are using the loopback adapter with this code both the "NetbiosName" = "AFS" and "Mountroot" = "/afs" registry options must be specified. This will be fixed in coming days.
2004-02-26 19:22:35 +00:00
Regkey:
[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider]
Value : NoWarnings
Type : DWORD
Default : 0
Disables visible warnings during logon.
Value : AuthentProviderPath
Type : REG_SZ
NSIS : <install path>\afslogon.dll
Specifies the install location of the authentication provider dll.
Value : Class
Type : DWORD
NSIS : 0x02
Specifies the class of network provider
Value : DependOnGroup
Type : REG_MULTI_SZ
NSIS : PNP_TDI
Specifies the service groups upon which the AFS Client Service
depends. Windows should not attempt to start the AFS Client Service
until all of the services within these groups have successfully
started.
Value : DependOnService
Type : REG_MULTI_SZ
NSIS : Tcpip NETBIOS RpcSs
Specifies a list of services upon which the AFS Client Service
depends. Windows should not attempt to start the AFS Client Service
until all of the specified services have successfully started.
Value : LogonOptions
Type : DWORD
NSIS : depends on user configuration
0x00 - Integrated Logon is not used
0x01 - Integrated Logon is used
0x02 - High Security Mode is used
0x03 - Integrated Logon with High Security Mode is used
High Security Mode generates random SMB names for the creation of
Drive Mappings. This mode should not be used without Integrated Logon.
Value : LogonScript
Type : REG_SZ
NSIS : <install path>\afscreds.exe -:%s -x
Specifies the command to be executed at the end of successful logon.
Value : Name
Type : REG_SZ
NSIS : "OpenAFSDaemon"
Specifies the display name of the AFS Client Service
Value : ProviderPath
Type : REG_SZ
NSIS : <install path>\afslogon.dll
Specifies the DLL to use for the network provider
Value : VerboseLogging
Type : DWORD
NSIS : 0x0a
Determines the level of logging to be enabled
3. AFS Credentials System Tray Tool parameters
----------------------------------------------
Affects the behavior of afscreds.exe
Regkey:
[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters]
Value : Gateway
Type : REG_SZ
Default : ""
Function: GetGatewayName()
If the AFS client is utilizing a gateway to obtain AFS access,
the name of the gateway is specified by this value.
Value : Cell
Type : REG_SZ
Default : <none>
Variable: IsServiceConfigured()
The value Cell is used to determine if the AFS Client Service has
been properly configured or not.
Regkey:
[HKLM\SOFTWARE\OpenAFS\Client]
[HKCU\SOFTWARE\OpenAFS\Client]
Value : ShowTrayIcon
Type : DWORD {0, 1}
Default : 1
Function: InitApp(), Main_OnCheckTerminate()
This value is used to determine whether or not a shortcut should be
maintained in the user's Start Menu->Programs->Startup folder.
This value used to be stored at
[HKLM\Software\TransarcCorporation\AFS Client\AfsCreds].
Value : EnableKFW
Type : DWORD {0, 1}
Default : 1
Function: KFW_is_available()
When MIT Kerberos for Windows can be loaded, Kerberos 5 will be used
to obtain AFS credentials. By setting this value to 0, the internal
Kerberos 4 implementation will be used instead.
Value : AfscredsShortcutParams
Type : REG_SZ
Default : "-A -M -N -Q"
Function: Shortcut_FixStartup
This value specifies the command line options which should be set
as part of the shortcut to afscreds.exe.
Regkey:
[HKCU\SOFTWARE\OpenAFS\Client\Reminders]
Value : "afs cell name"
Type : DWORD {0, 1}
Default : <none>
Function: LoadRemind(), SaveRemind()
These values are used to save and restore the state of the reminder
flag for each cell for which the user has obtained tokens.
This value used to be stored at
[HKLM\Software\TransarcCorporation\AFS Client\AfsCreds].
skyrope-mit-merge-hell-20040226 From Skyrope: The Skyrope work attempted to improve on the end user experience of using OpenAFS in the following ways: * Obtain tokens using renewable Kerberos 5 tickets in order to reduce the need for end users to renew expired tokens * Monitor the list of IP Addresses in order to detect changes in the network configuration which might affect the reachability of cells or the state of the AFS Client Service. When cells are newly reachable, obtain tokens for the cells. If the AFS Client Service is not running, start it. If tokens are expiring attempt to renew them. * Use KDC probes to detect the accessibility of realms/cells. If the KDC is not reachable, do not prompt the end user for a username and password. (fs probe is not implemented on windows) * Automatically obtain tokens using the Windows Logon Session Kerberos credentials (if available) * Allow tokens for multiple cells to be obtained by using the same Kerberos 5 tickets. (no UI yet implemented) * Perform drive mapping persistance by tracking it within the afsdsbmt.ini file instead of relying on the Windows Shell to persist the state. * Add new afscreds.exe command line options and change the default set used when creating the "AFS Credentials" shortcut in the Start Menu->Programs->Startup folder. From MIT: * Auto-detection of loopback adapters. Use "AFS" as the netbios name when a loopback adapter is installed. * Support for responding to power management events. Used to flush the cache when the machine is about to suspend, hibernate, or shutdown * Documentation of Registry entries * Support for Extended SMB Requests * Beginning of support for true Event Log reporting from a message database * Hidden Dot File support (configured via the HideDotFiles registry option) * Configurable Max number of Multiplexed Sessions (MaxMpxRequests registry option) * Configurable Max MTU size (RxMaxMTU registry option) * Configurable Jumbogram support (RxNoJumbo registry option) * Configurable Max number of Virtual Connections per Server (MaxVCPerServer registry option) * Win32 DNS API support * Addition of SMB_ATTR_xxxx defines for use instead of hex numbers * A variety of heap access and resource deallocation errors corrected in the SMB code * Support for recursive directory creation * Modifications to the en_US version of the client configuration dialog (need to port to other languages) Notes on the current check-in: * The KfW code will always be used when installed on the machine. This code only supports Krb5 and will not work with Krb4 only realms. A registry flag indicating whether or not KfW should be used if found needs to be added. * afscreds.exe needs to have a registry entry created to control the parameter list it should be started with. There should be a dialog to control this in the installer and within afscreds.exe * The MIT method of auto-assigning the mount-root and the netbios name is in conflict with the morgan stanley submissions in some parts of the code. If you are using the loopback adapter with this code both the "NetbiosName" = "AFS" and "Mountroot" = "/afs" registry options must be specified. This will be fixed in coming days.
2004-02-26 19:22:35 +00:00
ENVIRONMENT VARIABLES:
Variable: AFS_RPC_ENCRYPT
Values: "OFF" disables the use of RPC encryption
any other value allows RPC encryption to be used
Default: RPC encryption is on
Variable: AFS_RPC_PROTSEQ
Values: "ncalrpc" - local RPC
"ncacn_np" - named pipes
"ncacn_ip_tcp" - tcp/ip
Default: local RPC