File Sharing Folders

 Home Directory

         there is a public folder. Unless you change the permissions on this
folder, any files or new subfolders are readable and copyable by any other user
of the CNF Fileserver or anyone accessing the fileserver from a computer on the
CNF networks.

CNF Public Share

        Located under the shares folder, public subfolder, cnf subfolder --
anyone on a computer on one of the CNF networks and any user of our fileserver
can read, write, create, modify, and delete files.

CNF Outside Users Share

        Located under the shares folder, public subfolder, outside_users
subfolder. Only staff can place files here. But files placed here can be read
by any user on our fileserver, anyone accessing the fileserver from a computer
on the CNF networks, and any user of AFS (the file system we use) at another
institution.

 CNF Staff Share

         Located under the shares folder, private or CNF_Staff subfolder,
staff_compound subfolder. Any staff member can create, delete, read, write,
modify new files and subfolders.

AFS Access Control Lists (ie permissions)

On a unix machine, fs la directory
On a Mac OS X machine, right or control click on a folder and choose AFS -
Access Control List
On a WIndows machine, right click on a folder and choose AFS - Access Control
Lists

Possible permissions are rlidwka

r - read a file/copy a file (but can't see they're there w/o the l permission)
l - lookup - be able to look through the directories and see that files are
there (but can't actually read/copy them w/o the r permission)
i - insert - create a new file/folder
d - delete - delete an existing file/folder
w - write - write to/modify an existing file/folder
k - lock
a - administer - be able to set the permissions on files/folders here

 Where is the fileserver?

On Windows machines which I have set up, our AFS "cell", cnf.cornell.edu, is
mapped to the X drive. Windows users can also go to the start menu, select run,
and enter the path: \\afs\cnf.cornell.edu

On Mac OS X machines, there will be an icon on the desktop labeled AFS. Double
click it. Under that, you will see a list of cells your machine knows about.
Ours is "cnf.cornell.edu"

On UNIX machines, use the path /afs/cnf.cornell.edu

Some CNF AFS Groups

 cnfhosts - all computers on the main CNF network (CNF offices, CAD room) and
the lab network (eg cleanroom) -- does not include CIT RedRover wireless.

grp_all - everyone who has an account on our fileserver

grp_staff - all CNF staff

grp_users - all CNF users (at present, most users do not yet have accounts)

grp_fellows - the CNF Fellows

grp_finance - Financial staff

grp_it - Your friendly CNF IT staff

 Backups

 Data on the CNF file server is backed up on a daily basis.

Also, a daily snapshop of your home directory is kept in a subfolder named "Yesterday". This daily snapshot folder may also be available for some of the CNF shares.

 Installing

 Windows

 1. d/l 1.5.x client from openafs.org
4. run the openafs installer (dialogs match 1.5.11 install)
   A. For the type of install, if not already selected, choose "AFS Client"
   B. This will select the optional components: AFS Client and MS Loopback
Adapter
   C. CellServDB Configuration - Download from web address
   D. Client Cell Name Configuration
      1. Cell name is: cnf.cornell.edu
      2. Check Enable AFS crypt security, Enable AFS Freelance client, and Use
DNS to Search for Cell Servers
   E. AFS Credentials Configuration
      1. Check Start AFS Credentials at system login
      2. Check Auto initialize AFS Credentials
      3. Check Renew drive maps
      4. Check IP Address change detection
      5. Check Quiet
   F. Install Kerberos for OpenAFS msi package (attached zip file)
5. Edit c:\windows\krb5.ini to include the CNF.CORNELL.EDU realm -- note that
the
CIT.CORNELL.EDU realm should still be the default realm and don't forget the
cross-realm configuration - file won't exist if bear access or kerberos not
installed (see attached krb5.ini)

...