openafs/doc/txt/winnotes/afs-issues.txt

199 lines
9.4 KiB
Plaintext
Raw Normal View History

This file is a rough list of known issues with the 1.3.70 release of OpenAFS
on Windows. This list is not complete. There are probably other issues
which can be found in the RT database or on the mailing list.
(1) File/Directory access is not integrated with windows security
(3) SMB LANA list is static.
(3a) IP address changes cause the service to terminate due to an assertion
in smb_Listener() thread.
(3b) New IP addresses do not get bound
(3c) Loopback adapter hack:
(i) prevents use of AFS Gateway
(ii) requires installation of loopback adapter
(iii) the list of hack adapters is incomplete (VMWare, MS TV/Video, ...)
(iv) incompatible with Windows 2000 and earlier
(4) Performance of the AFS Client Service code simply sucks. The average
read, write, and delete times for AFS are more than ten times slower than
the equivalent Windows File Share operations. The Window File Share operations
are not all that fast. It has been claimed that the Windows AFS functions are
one hundred times slower than the equivalent operations on Linux. I would not
be at all surprised. The best we can do without rewriting AFS as a IFS would
be to match the Windows File Share performance. I believe the threading model
is imposing significant delays in the movement of data from between the SMB
and RX protocol operations. There was also an issue with large numbers of
page faults which have since been fixed.
(7) There appear to be directory locking problems associated with renaming
directories.
(8) File termination differences between Win9x and nt/w2k/xp (Jim Peterson)
(9) How to silence "Explorer" when the mapped drive is not available?
(10) Convert to IFS!!!!!!
(11) Kerberos 5 integration:
(11f) allow arbitrary cell to realm mappings
(11g) modify UI to allow user to choose whether to authenticate
using Kerberos or AFS
(11h) modify UI to allow user to select an existing principal to
be used to request AFS tokens
(11i) modify UI to display Kerberos 5 ticket info (principal,
ticket lifetimes, etc)
(12) Default cell is system global just like everything else. Different
users logging in via Integrated Logon or using afscreds.exe cannot
be automatically prompted for different cells
(13) AFS Integrated Logon:
(13b) If using Kerberos, need to figure out a means of passing credentials
into the user space until such time as I finish the new credential
cache service.
(13c) If network is not available must store the username and password
somewhere until such time as the network starts.
(14) Loopback adapter is not always installed with bindings to "File and
Printer Sharing for Microsoft Networks" or "Client for Microsoft
Networks". If these are not bound then SMB names will successfully
be published to a list of zero which causes the AFS not to function.
We need a way to test whether the Loopback adapter is properly bound
so we know if it is safe to use. Actually, it is worse. Even with
the bindings on Win2000 the loopback adapter frequently fails to publish
SMB names. Of course, the error messages report nothing.
(15) If a drive mapping is "in use", then afscreds cannot be used to Modify
or Delete the Mapping. If a map to "H:" to \afs\cell\foo" with
description "home" is modified to point to \afs\cell\bar, then the
description must be unique. "home" cannot be reused. We need a way
to remove "home" from the submount list.
(16) WinAFS configuration values are still stored in old style INI files
instead of using the Registry. This is especially important for
per-user values such as drive mappings
(17) Drive mappings are lost on WinXP after return from Standby. (This could
be because the AFS Client Service fails OR because the RX protocol is
temporarily unable to access the Cell due to network restore timing
issues.)
(18) No support for Unicode CIFS/SMB data structures. OEM Code Pages prevent
the use of interoperable file names; force the use of paths no longer
than 256 characters; force share names to be no longer than 13
characters; restrict authentication to ASCII only names and passwords;
etc.
(19) No auto-restart on service failure
(20) Better EventLog handling
(21) Named Pipes Support [requires modifications to AFS servers to support]
(22) Memory Mapped File support
(23) Large file support [both SMB/CIFS and AFS]
(24) Implement persistent disk based cache which survives restarts
(25) NSIS Installer issues
(a) integration with KFW install script
(b) Optional removal of AFS Server volumes
(26) The User Interface needs to be re-designed to separate the per-user
and per-machine settings. All of the new registry items need to
be added to the UI
(27) There appears to be a thread safety issue in the Rx library when
running on Intel processors which support hyper-threading
(28) Thread initialization versus Global Drive Mapping. There is no
mechanism in the afsd_init.c to ensure that all of the threads
complete initializing in the correct sequence. In the case of
Global Drive Maps this is a problem because the Global Drive Maps
can be executed prior to the completion of the SMB registration
and service thread initialization.
(29) Should we allow the AFSCACHE file to be stored in the Virtual Paging
file as long as we do not support persistent caches?
(30) CIFS Remote Administration Protocol implementation is incomplete.
Notifications are not made to requestors when the view of a file
or folder changes due to token acquisition; token expiration; or
token destruction
(31) Microsoft Office appears to have trouble editing files of ~20MB
or larger from within AFS. Performance is particularly slow and
applications such as Word often crash upon saving the files.
-------------------------------------------------------------------------
List of unfunded projects:
1. No longer use AFS Client Service "cell" as the default cell for individual users
2. Re-write afsd_service.exe to perform synchronized thread startup and shutdown.
Currently there is no synchronization of thread creation which results in timing
conflicts; and there is no attempt to cleanly shutdown the service which causes
problems when restarting and prevents the implementation of a persistent cache
3. Implement a persistent cache (requires item 2)
4. Prevent panic situation when the root.afs volume is not reachable and
the AFS Client Server is not using Freelance mode
5. Prevent panic situation when the IP address to which the SMB server is bound is removed
from the local machine's network configuration
6. Identify and fix the problems with running the RX library on Hyperthreaded systems
7. Add support for Named Pipes within the afs filesystem
(This is not currently a supported feature of AFS; it will require
changes to the servers as well as the clients.)
8. Re-write afscreds.exe to support:
1. choosing between Kerberos 5 and Kerberos 4 on a per principal basis
2. providing users with the ability to map multiple cells to a single principal
3. providing change password functionality on a per principal basis
4. no longer include drive mapping
5. configuration of afscreds startup options in shortcut
9. Re-write afs_config.exe to be only "per user" functionality which does not require admin
privileges
1. default cell and principal for the user
2. drive mappings
3. visibility of afs creds and setting of afs creds startup options
10. Create new afs_admin.exe tool to be installed in the administrator folder (or use MMS)
which contains
1. afs client service cell name
2. integrated logon configuration
3. Gateway configuration
4. start/stop service
5. global drive mapping
6. submount management
7. file/volume server preferences
8. afs cells
9. cache configuration
10. diagnostics
11. network configuration
12. miscellaneous
13. need to add support for all of the new registry values since 1.2.8
11. Identify why 16-bit DOS applications executed out of AFS fail
12. Add support for configurable Icon file representing AFS folders within the Explorer Shell
13. Documentation Documentation Documentation
14. Large File support (> 2GB)
15. Integrate KFW installation into the NSIS installer
16. Add support for record locking to AFS (requires changes to the servers)
17. Unicode enable the SMB/CIFS server. OEM Code Pages:
1. prevent the use of interoperable file names
2. force the use of paths no longer than 256 characters
3. force share names to be no longer than 13 characters
4. restrict authentication to ASCII only names and passwords
18. Complete implementation of CIFS Remote Administration Protocol
19. Correct the problems with overlapped writes which adversely affect
Microsoft Office applications storing documents and temporary files
within AFS volumes
20. Add support for SMB/CIFS Digital Signatures
21. Development of afsmap.exe tool to provide AFS aware NET USE functionality
afsmap.exe <drive> <afs-path> [/PERSISTENT]
afsmap.exe <drive> <unc-path> [/PERSISTENT]
afsmap.exe <drive> /DELETE
22. Write-through caching appears to be unsupported. Files copied to AFS
post-1-3-70-windows-changes-20040816 * Fix aklog.exe to not add the AFS ID to the username * PTS registration of new users to foreign cells has been added to afscreds.exe * The cm_Daemon thread is used to perform checks for down servers, up servers, volumes, callback expirations, lock maintenance and token expiration. Due to a gaff in larger integer division the thread never performed any work. Instead the current time computation would always be less then the trigger times. This had an adverse affect on the client's ability to maintain communication with servers, keep volumes up to date, and flush user tokens and acls when they have expired. This was broken when the 1.3 branch was modified to support VC7 which no longer included largeint.lib * An initialization problem with the Freelance code was detected while fixing the callbackRequest. The cm_rootSCachep object is obtained during afsd_InitDaemons() but the callback information is incomplete. The callback information will not be obtained until cm_MergeStatus is called from within cm_GetCallback. Unfortunately, cm_SyncOp did not properly test for the conditions under which the callback information must be obtained. * Reports have been filed indicating that callbacks were being lost. An examination of the code indicated that the cm_server_t objects were not being properly reference counted by the cm_scache_t and cm_callbackRequest_t objects. In particular, the cm_server_t objects may have been freed from beneath the cm_conn_t objects. All of the reference counting is now done via the functions: cm_GetServer cm_GetServerNoLock cm_PutServer cm_PutServerNoLock this improves the ability to track the referrals. Each cm_BeginCallbackGranting Call now allocates a reference to the cm_server_t. The cm_EndCallbackGrantingCall either frees the reference or transfers it to the cm_scache_t cbServerp field. These are then appropriately tracked through the cm_Analyze call. * Ensure that the dnlc hash table is the same size as the dir name hash table (as per original author's note). Increase the dnlc CM_AFSNCNAMESIZE to a multiple of 8 for compatibility with 64-bit systems. * fix smb_ApplyV3DirListPatches to properly apply the hidden attribute to dotfiles when the infoLevel < 0x101 and cm_SyncOp has failed. * Fix the Freelance registry initialization code. There was a possibility that some systems could end up with garbage in the registry during a clean install.
2004-08-17 06:21:17 +01:00
do not end up in the local cache.