Versions Compared

Old Version 21

changes.mady.by.user David William Botsch

Saved on

compared with

New Version 22

changes.mady.by.user David William Botsch

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. d/l 1.5.x client installer from http://www.openafs.org
  2. run the openafs installer
    1. For the type of install, if not already selected, choose "AFS Client"
    2. This will select the optional components (if not, select these two): AFS Client and MS Loopback Adapter
    3. CellServDB Configuration - Choose to Download from web address
    4. Client Cell Name Configuration
      1. Cell name is: cnf.cornell.edu
      2. Check Enable AFS crypt security, Enable AFS Freelance client, and Use DNS to Search for Cell Servers
    5. AFS Credentials Configuration
      1. Check Start AFS Credentials at system login
      2. Check Auto initialize AFS Credentials
      3. Check Renew drive maps
      4. Check IP Address change detection
      5. Check Quiet
    6. DO NOT REBOOT - Install attached Kerberos for OpenAFS first!!! 
  3. Install Kerberos for OpenAFS msi package (attached zip file) - no options to choose, just run the installer
  4. Copy the attached krb5.ini to c:\windows (e:\windows on some computers) overwriting the krb5.ini file that may be already there
  5. Firewall Configuration - Under Windows XP and Vista, we recommend that you just use the built in Windows firewall. For other firewalls:
    1. SYMANTEC - If the Symantec Client Firewall is installed, you will need to add a rule allowing all traffic to/from 10.254.254.253
      • If, during the Symantec configuration process, you get a popup window about a script error, you have two choices:
        • Reinstall Symantec - this MAY fix the problem
        • Disable the Symantec firewall and enable the Windows firewall - consult CNF IT staff for help on doing this
      1. Open Symantec CLient Client Firewall
      2. Client Firewall - Configure
      3. Advanced Tab
      4. General Button
      5. Add a rule
      6. Permit
      7. Connection to and from other computers
      8. Only the computers and sites listed below: Add 10.254.254.253
      9. TCP and UDP and All types of communication
      10. Don't log anything
      11. Name the rule AFS Loopback Rule
      12. Check All Locations
      13. Finish
      14. Find the rule in the list of General Rules (it will be at the bottom) and repeatedly click "Move Up" to get the rule to the top of the list
  6. NOW, REBOOT. After rebooting, your firewall may prompt you to allow the various afs applications access to the network. You should choose to Always Allow these.
  7. OPTIONAL, set up a drive mapping (must be done AFTER REBOOTING)
    1. Right click on My Network Places
    2. Map drive
    3. To follow the CNF convention, set the drive letter to X
    4. Set the path to \\afs\cnf.cornell.edu
    5. Choose to Reconnect the drives
    6. Done

...