[OpenAFS-devel] Windows 2000 - Gina & OpenAfs

James Peterson jimpeter@us.ibm.com
Tue, 16 Oct 2001 11:26:22 -0700 

> I am working with one version of gina.dll and the  OpenAfs 1.1.1.a
> version.
> But, after the authentication, verification an error caused from "
> afsd_service.exe".

There is a problem with the association of tokens to their proper users
while in "machine context".   This would be the case during integrated
logon or while executing your own GINA routine.   If you are trying to
access AFS files that require authentication, then you should apply the
patches shown below.

When you write your GINA routine, you should use as a guide the code that
is part of AFS routine NPLogonNotify(), located  in module .
\src\winnt\afsd\afslogon.c.

If you want to use the token to access "protected" AFS directories you
should apply the following patch:

diff -Nur --exclude-from=exclude org/smb3.c upd/smb3.c
--- org/smb3.c Sat Jun 23 10:26:06 2001
+++ upd/smb3.c Thu Sep 27 10:35:28 2001
@@ -139,24 +139,6 @@
     pwd = smb_ParseString(tp, &tp);
     usern = smb_ParseString(tp, &tp);

-    if (strlen(usern)==0) {
-        /*return CM_ERROR_NOACCESS;*/
-        newUid = 0;   /* always assign uid 0 for blank username */
-        uidp = smb_FindUID(vcp, newUid, SMB_FLAG_CREATE);
-#ifdef DEBUG_VERBOSE
-         {
-        HANDLE h; char *ptbuf[1],buf[132];
-        h = RegisterEventSource(NULL, "AFS Service -
smb_ReceiveV3SessionSetupX");
-        sprintf(buf, "VCP[%x] lsn[%d] anonymous, uid
[%d]",vcp,vcp->lsn,uidp->userID);
-        ptbuf[0] = buf;
-        ReportEvent(h, EVENTLOG_INFORMATION_TYPE, 0, 0, NULL, 1, 0, ptbuf,
NULL);
-        DeregisterEventSource(h);
-         }
-#endif
-        smb_ReleaseUID(uidp);
-        goto done;
-    }
-
     /* On Windows 2000, this function appears to be called more often than
        it is expected to be called. This resulted in multiple smb_user_t
        records existing all for the same user session which results in all

P.S. These patches will show up in Windows 2000 release 1.2.1a.

James Peterson
"Integrity is the base of excellence."


openafs-devel-request@openafs.org@openafs.org on 10/16/2001 10:30:00 AM

Please respond to openafs-devel@openafs.org

Sent by:  openafs-devel-admin@openafs.org


To:   openafs-devel@openafs.org
cc:
Subject:  OpenAFS-devel digest, Vol 1 #337 - 4 msgs




Message: 2
Date: Tue, 16 Oct 2001 17:20:00 +0200
From: Ruggero Nepi <r.nepi@caspur.it>
Organization: Caspur
To: openafs-devel@openafs.org
Subject: [OpenAFS-devel] Gina & OpenAfs...

Hi,

I am working with one version of gina.dll and the  OpenAfs 1.1.1.a
version.
But, after the authentication, verification an error caused from "
afsd_service.exe".


There is someone that can give a suggestion please
to me?

Thanks!!!

Ruggero