mirror of
https://git.openafs.org/openafs.git
synced 2025-01-19 15:30:14 +00:00
40d2f5f7c0
Update text files for 1.3.71 and describe the new Windows Authorization Group "AFS Client Admins" ==================== This delta was composed from multiple commits as part of the CVS->Git migration. The checkin message with each commit was inconsistent. The following are the additional commit messages. ==================== Add support for "AFS Client Admins" windows authortization group ==================== NTMakefile changes for Admin Group
199 lines
9.4 KiB
Plaintext
199 lines
9.4 KiB
Plaintext
This file is a rough list of known issues with the 1.3.70 release of OpenAFS
|
|
on Windows. This list is not complete. There are probably other issues
|
|
which can be found in the RT database or on the mailing list.
|
|
|
|
|
|
(1) File/Directory access is not integrated with windows security
|
|
|
|
(3) SMB LANA list is static.
|
|
|
|
(3a) IP address changes cause the service to terminate due to an assertion
|
|
in smb_Listener() thread.
|
|
|
|
(3b) New IP addresses do not get bound
|
|
|
|
(3c) Loopback adapter hack:
|
|
(i) prevents use of AFS Gateway
|
|
(ii) requires installation of loopback adapter
|
|
(iii) the list of hack adapters is incomplete (VMWare, MS TV/Video, ...)
|
|
(iv) incompatible with Windows 2000 and earlier
|
|
|
|
(4) Performance of the AFS Client Service code simply sucks. The average
|
|
read, write, and delete times for AFS are more than ten times slower than
|
|
the equivalent Windows File Share operations. The Window File Share operations
|
|
are not all that fast. It has been claimed that the Windows AFS functions are
|
|
one hundred times slower than the equivalent operations on Linux. I would not
|
|
be at all surprised. The best we can do without rewriting AFS as a IFS would
|
|
be to match the Windows File Share performance. I believe the threading model
|
|
is imposing significant delays in the movement of data from between the SMB
|
|
and RX protocol operations. There was also an issue with large numbers of
|
|
page faults which have since been fixed.
|
|
|
|
(7) There appear to be directory locking problems associated with renaming
|
|
directories.
|
|
|
|
(8) File termination differences between Win9x and nt/w2k/xp (Jim Peterson)
|
|
|
|
(9) How to silence "Explorer" when the mapped drive is not available?
|
|
|
|
(10) Convert to IFS!!!!!!
|
|
|
|
(11) Kerberos 5 integration:
|
|
(11f) allow arbitrary cell to realm mappings
|
|
(11g) modify UI to allow user to choose whether to authenticate
|
|
using Kerberos or AFS
|
|
(11h) modify UI to allow user to select an existing principal to
|
|
be used to request AFS tokens
|
|
(11i) modify UI to display Kerberos 5 ticket info (principal,
|
|
ticket lifetimes, etc)
|
|
|
|
(12) Default cell is system global just like everything else. Different
|
|
users logging in via Integrated Logon or using afscreds.exe cannot
|
|
be automatically prompted for different cells
|
|
|
|
(13) AFS Integrated Logon:
|
|
(13b) If using Kerberos, need to figure out a means of passing credentials
|
|
into the user space until such time as I finish the new credential
|
|
cache service.
|
|
(13c) If network is not available must store the username and password
|
|
somewhere until such time as the network starts.
|
|
|
|
(14) Loopback adapter is not always installed with bindings to "File and
|
|
Printer Sharing for Microsoft Networks" or "Client for Microsoft
|
|
Networks". If these are not bound then SMB names will successfully
|
|
be published to a list of zero which causes the AFS not to function.
|
|
We need a way to test whether the Loopback adapter is properly bound
|
|
so we know if it is safe to use. Actually, it is worse. Even with
|
|
the bindings on Win2000 the loopback adapter frequently fails to publish
|
|
SMB names. Of course, the error messages report nothing.
|
|
|
|
(15) If a drive mapping is "in use", then afscreds cannot be used to Modify
|
|
or Delete the Mapping. If a map to "H:" to \afs\cell\foo" with
|
|
description "home" is modified to point to \afs\cell\bar, then the
|
|
description must be unique. "home" cannot be reused. We need a way
|
|
to remove "home" from the submount list.
|
|
|
|
(16) WinAFS configuration values are still stored in old style INI files
|
|
instead of using the Registry. This is especially important for
|
|
per-user values such as drive mappings
|
|
|
|
(17) Drive mappings are lost on WinXP after return from Standby. (This could
|
|
be because the AFS Client Service fails OR because the RX protocol is
|
|
temporarily unable to access the Cell due to network restore timing
|
|
issues.)
|
|
|
|
(18) No support for Unicode CIFS/SMB data structures. OEM Code Pages prevent
|
|
the use of interoperable file names; force the use of paths no longer
|
|
than 256 characters; force share names to be no longer than 13
|
|
characters; restrict authentication to ASCII only names and passwords;
|
|
etc.
|
|
|
|
(19) No auto-restart on service failure
|
|
|
|
(20) Better EventLog handling
|
|
|
|
(21) Named Pipes Support [requires modifications to AFS servers to support]
|
|
|
|
(22) Memory Mapped File support
|
|
|
|
(23) Large file support [both SMB/CIFS and AFS]
|
|
|
|
(24) Implement persistent disk based cache which survives restarts
|
|
|
|
(25) NSIS Installer issues
|
|
(a) integration with KFW install script
|
|
(b) Optional removal of AFS Server volumes
|
|
|
|
(26) The User Interface needs to be re-designed to separate the per-user
|
|
and per-machine settings. All of the new registry items need to
|
|
be added to the UI
|
|
|
|
(27) There appears to be a thread safety issue in the Rx library when
|
|
running on Intel processors which support hyper-threading
|
|
|
|
(28) Thread initialization versus Global Drive Mapping. There is no
|
|
mechanism in the afsd_init.c to ensure that all of the threads
|
|
complete initializing in the correct sequence. In the case of
|
|
Global Drive Maps this is a problem because the Global Drive Maps
|
|
can be executed prior to the completion of the SMB registration
|
|
and service thread initialization.
|
|
|
|
(29) Should we allow the AFSCACHE file to be stored in the Virtual Paging
|
|
file as long as we do not support persistent caches?
|
|
|
|
(30) CIFS Remote Administration Protocol implementation is incomplete.
|
|
Notifications are not made to requestors when the view of a file
|
|
or folder changes due to token acquisition; token expiration; or
|
|
token destruction
|
|
|
|
(31) Microsoft Office appears to have trouble editing files of ~20MB
|
|
or larger from within AFS. Performance is particularly slow and
|
|
applications such as Word often crash upon saving the files.
|
|
|
|
|
|
-------------------------------------------------------------------------
|
|
List of unfunded projects:
|
|
|
|
1. No longer use AFS Client Service "cell" as the default cell for individual users
|
|
2. Re-write afsd_service.exe to perform synchronized thread startup and shutdown.
|
|
Currently there is no synchronization of thread creation which results in timing
|
|
conflicts; and there is no attempt to cleanly shutdown the service which causes
|
|
problems when restarting and prevents the implementation of a persistent cache
|
|
3. Implement a persistent cache (requires item 2)
|
|
4. Prevent panic situation when the root.afs volume is not reachable and
|
|
the AFS Client Server is not using Freelance mode
|
|
5. Prevent panic situation when the IP address to which the SMB server is bound is removed
|
|
from the local machine's network configuration
|
|
6. Identify and fix the problems with running the RX library on Hyperthreaded systems
|
|
7. Add support for Named Pipes within the afs filesystem
|
|
(This is not currently a supported feature of AFS; it will require
|
|
changes to the servers as well as the clients.)
|
|
8. Re-write afscreds.exe to support:
|
|
1. choosing between Kerberos 5 and Kerberos 4 on a per principal basis
|
|
2. providing users with the ability to map multiple cells to a single principal
|
|
3. providing change password functionality on a per principal basis
|
|
4. no longer include drive mapping
|
|
5. configuration of afscreds startup options in shortcut
|
|
9. Re-write afs_config.exe to be only "per user" functionality which does not require admin
|
|
privileges
|
|
1. default cell and principal for the user
|
|
2. drive mappings
|
|
3. visibility of afs creds and setting of afs creds startup options
|
|
10. Create new afs_admin.exe tool to be installed in the administrator folder (or use MMS)
|
|
which contains
|
|
1. afs client service cell name
|
|
2. integrated logon configuration
|
|
3. Gateway configuration
|
|
4. start/stop service
|
|
5. global drive mapping
|
|
6. submount management
|
|
7. file/volume server preferences
|
|
8. afs cells
|
|
9. cache configuration
|
|
10. diagnostics
|
|
11. network configuration
|
|
12. miscellaneous
|
|
13. need to add support for all of the new registry values since 1.2.8
|
|
11. Identify why 16-bit DOS applications executed out of AFS fail
|
|
12. Add support for configurable Icon file representing AFS folders within the Explorer Shell
|
|
13. Documentation Documentation Documentation
|
|
14. Large File support (> 2GB)
|
|
15. Integrate KFW installation into the NSIS installer
|
|
16. Add support for record locking to AFS (requires changes to the servers)
|
|
17. Unicode enable the SMB/CIFS server. OEM Code Pages:
|
|
1. prevent the use of interoperable file names
|
|
2. force the use of paths no longer than 256 characters
|
|
3. force share names to be no longer than 13 characters
|
|
4. restrict authentication to ASCII only names and passwords
|
|
18. Complete implementation of CIFS Remote Administration Protocol
|
|
19. Correct the problems with overlapped writes which adversely affect
|
|
Microsoft Office applications storing documents and temporary files
|
|
within AFS volumes
|
|
20. Add support for SMB/CIFS Digital Signatures
|
|
21. Development of afsmap.exe tool to provide AFS aware NET USE functionality
|
|
afsmap.exe <drive> <afs-path> [/PERSISTENT]
|
|
afsmap.exe <drive> <unc-path> [/PERSISTENT]
|
|
afsmap.exe <drive> /DELETE
|
|
22. Write-through caching appears to be unsupported. Files copied to AFS
|
|
do not end up in the local cache.
|