You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 37 Next »

  Installing

 Windows

  1. d/l MIT Kerberos for Windows (32 or 64-bit, depending on your windows os install) 3.2.2 from http://web.mit.edu/kerberos/dist/index.htmlhttp://www.openafs.org/windows.html
    1. Do a Typical install
  2. d/l 1.6.x MSI client installer (for Managed installations) from http://www.openafs.org/windows.html -- do NOT use 1.7.x
  3. run the openafs installer
    1. Select a Custom install
    2. Accept the defaults for which components to install
    3. Change the cell name from openafs.org to cnf.cornell.edu
    4. Accept defaults on the rest of the screens
    5. Don't yet reboot (when prompted by the installer)
  4. Run the attached .reg files to set OpenAFS registry settings
  5. Copy the attached krb5.ini to c:\windows (e:\windows on some computers) overwriting the krb5.ini file that may be already there
  6. Firewall Configuration - Under Windows XP and Vista, we recommend that you just use the built in Windows firewall. For other firewalls:
    1. SYMANTEC - If the Symantec Client Firewall is installed, you will need to add a rule allowing all traffic to/from 10.254.254.253
      • If, during the Symantec configuration process, you get a popup window about a script error, you have two choices:
        • Reinstall Symantec - this MAY fix the problem
        • Disable the Symantec firewall and enable the Windows firewall - consult CNF IT staff for help on doing this
      1. Open Symantec Client Firewall
      2. Client Firewall - Configure
      3. Advanced Tab
      4. General Button
      5. Add a rule
      6. Permit
      7. Connection to and from other computers
      8. Only the computers and sites listed below: Add 10.254.254.253
      9. TCP and UDP and All types of communication
      10. Don't log anything
      11. Name the rule AFS Loopback Rule
      12. Check All Locations
      13. Finish
      14. Find the rule in the list of General Rules (it will be at the bottom) and repeatedly click "Move Up" to get the rule to the top of the list
  2. NOW, REBOOT. After rebooting, your firewall may prompt you to allow the various afs applications access to the network. You should choose to Always Allow these.
  3. OPTIONAL, set up a drive mapping (must be done AFTER REBOOTING)
    1. Right click on My Network Places
    2. Map drive
    3. To follow the CNF convention, set the drive letter to X
    4. Set the path to \\afs\cnf.cornell.edu
    5. Choose to Reconnect the drives
    6. Done

Mac OS 10.6 (Snow Leopard)

1. Install the CNF specific Kerberos preferences file (copy it to the Macintosh HD - Library - Preferences folder)

2. Download OAFS Features Release package (1.5.x) from www.openafs.org

3. Run the OAFS package installer
   A. When prompted, specify cnf.cornell.edu as the cell name and cnf as the cell alias

   B. No reboot is necessary - AFS will start running when the installer finishes

4. To show the AFS icon on the Desktop...

   A. Finder - Preferences

   B. General Tab

   C. Check "Connected Servers"

5. Download the gui AFSTokens app (Snow Leopard version) from
https://forge.cornell.edu/sf/projects/afs_tokens
        File Releases tab

        The 32-bit version (afstokens.zip) is for Intel Core Duos, and the 64-bit version (afstokens-64bit.zip) is for Intel Core-2 Duos (you can determine which you have by looking at the "Processor" line in the "About this mac" window under the Apple menu

Mac OS 10.7 (Lion)

  1. Install the Lion specific Kerberos preferences file to /private/etc/krb5.conf (the Snow Leopard file will not work)
  2. Download OpenAFS 1.6.x installed from the Openafs.org website
  3. Follow the instructions beginning at step 3 in the Snow Leopard instructions

Mac OS 10.8 (Mountain Lion)

  1. Install the Mountain Lion krb5.conf file to /private/etc/krb5.conf
  2. Install the Mountain Lion edu.mit.Kerberos file to /Library/Preferences/edu.mit.Kerberos
  3. Download OpenAFS 1.6.1a or greater from the openafs.org website
  4. Follow steps 3, 4, and 5 in the "Snow Leopard" instructions above. The AFSTokens GUI app will work for obtaining tokens but not for destroying tokens.
  • No labels