[OpenAFS] default token lifetime in Windows OpenAFS client

Dj Merrill deej@thayer.dartmouth.edu
Thu, 13 Oct 2005 14:04:02 -0400


Jeffrey Altman wrote:

> Perhaps because the user profile is not available at the
> time the AFS Network Provider obtains the tokens.  Remember,
> the tokens are obtained before the profile is loaded so that
> you can store the profile in AFS.
> 
> You have to set system wide defaults and not just per-user
> defaults.
> 
> Jeffrey Altman

	That makes sense, thanks for the pointer!

If I create a registry entry
	HKLM\Software\MIT\Leash,lifetime
and give it the same 1500 value as the
	HKCU\Software\MIT\Leash,lifetime
things seem to work as expected (25 hour tokens obtained
with integrated login).  Sweet!  :-)

	Or were you referring to another type of
system-wide default?

	Using the above HKLM setting should suffice for
any of the machines that we administer directly.
I'm not quite sure what to do with all of the student owned machines,
though, but we are significantly farther ahead than we were.
The majority of them most likely won't be using integrated login,
so the problem set is now significantly reduced.

	Thanks for your help!  :-)

-Dj

-- 
Dj Merrill
Sportsman 2+2 Builder #7118

"Many things that are unexplainable happen during the construction of an
airplane."  --Dave Prizio, 30 Aug 2005

"TSA: Totally Screwing Aviation"