[OpenAFS] OpenAFS Windows client will not map drives

Sean Caron caron.sean@gmail.com
Fri, 3 Mar 2006 17:32:12 -0500


------=_Part_14544_5995900.1141425132732
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Thanks for the suggestions so far. What I am doing is: I have a couple of
spare machines in my office that I am
testing various configurations of the OpenAFS client on, so I can try all
sorts of funky things and not have to
worry about messing up a machine that someone is actually using. I set one
up to test the behaviour of the
client with the loopback adapter on, as so:

(1) Wiped a machine a did a fresh load of our disk image (XP, Novell client=
,
etc). Computer name is SPH-2002-0196.
I saw some old post on the Internet implying that dashes in the hostname
might cause problems with the AFS
client, but they dated from 2002 or 2003, so I'm assuming it doesn't matter
these days. I think I mentioned earlier
that I tried a system with a boring alphanumeric only name (SPHAFSTEST) and
it didn't help anything.

(reboot)

(2) Installed MIT Kerberos v3.0.0 with all default settings on; krb5.ini ha=
s
been properly customized for our site.
Kerberos is set to start automatically when Windows starts (as would make
sense). (side note: MIT Kerberos seems to
work fine in and of itself. It gladly will go authenticate and get tokens).
I did this as an administrator; normal users wouldn't
normally be allowed to install software given the way we have security set
up on our workstation disk image.

(reboot)

(3) Installed OpenAFS Windows Client v1.4.0 (as an administrator) WITH the
loopback adaptor installed this time. Use our
CellServDB file that actually includes our site. Set AFS cell name to "
sph.umich.edu". Everything else is set per installation
defaults (AFS crypt security =3D on, AFS freelance client =3D on, DNS cells=
erver
search =3D on, start afscreds on login =3D on, auto
initialize afscreds =3D on, renew drivemaps =3D on, ip change detection =3D=
 on,
quiet =3D on). Installer completes successfully.

(reboot)

(4) Now my test workstation is back online, sitting at the login prompt. I
try to login to the Novell network (client version 4.91, by
the way). Now it doesn't work! "The tree or server cannot be found. Choose =
a
different tree or server....". OK. Let's log in as
"Workstation only". Did the Novell client get bound up in the loopback
adapter or something? Can this be dealt with? I know very
little about Novell (I am a new hire at SPH, and mostly a UNIX guy).

(5) So I log in to the local machine only and get the AFS Client "Obtain Ne=
w
AFS tokens" dialog box. Enter username and password
and authenticate to cell "sph.umich.edu". Wait a minute or two, and the
tickets show up in the MIT Kerberos Network Identity
Manager. So at least authentication and ticketing is all good.

(6) Testing: Start->Run. "\\afs\all". I get the message: "This file does no=
t
have a program associated with it for performing this action.
Create an association in the Folder Options control panel".

OK.

Testing: Start->Run. "\\afs\sph.umich.edu". Same message.

Testing: Start->Run. "\\afs\sph.umich.edu\user\s\scaron". Wait a second or
two... same message.

Testing: Start->Run. "cmd". From command prompt: "net use
\\afs\sph.umich.edu\user\s\scaron h:". We get the message: "The
network name cannot be found (system error 67)".

Testing: Click "Drive Letters" tab in AFS client. It sits for a while (30
secs - 1 minute). Click "Add". Select "Drive F", AFS path
"\afs\sph.umich.edu\user\s\scaron", submount "homes". I get the error:

"AFS was unable to map the network drive to the specified path in AFS. Chec=
k
to make sure the drive letter is not currently in use"
"Error 0x00000043"

(i was thinking about it and it hit me that 43 hex =3D 67 decimal so i gues=
s
NETWORK NAME CANNOT BE FOUND is the issue here)

(7) Check network properties. We have two connections installed.

One is called AFS and is bound to the loopback adaptor. Uses items: Novell
client for Windows, Client for Microsoft networks, Remote
management, Novell workstation manager, Novell distributed print services,
TCP/IP

The other is the default Local Area Network connection. Uses items: Novell
client for Windows, Client for Microsoft networks, QoS
packet scheduler, Remote management, Novell workstation manager, Novell
distributed print services, TCP/IP. Windows firewall is
on. We use DHCP to get all network card parameters & DNS server information=
.
TCP/IP filtering is off. NetBIOS is set to "Use NetBIOS
setting from DHCP server. If static IP address is used or DHCP server does
not provide NetBIOS setting, enable NetBIOS over TCP/IP"

I see that we don't actually have a NetBIOS protocol installed by default o=
n
our load. Let's do it manually for now.

(8) Add protocol: NWLink IPX/SPX/NetBIOS Compatible Transport Protocol (thi=
s
is the only NetBIOS protocol available in the list).
Install it.

(reboot)

(9) So we're back at the login prompt and you still can't log in to Novell.
We get the same "The tree or server cannot be found..." message.
Let's login to local workstation only again and proceed. Once again I am
able to successfully log in, authenticate to sph.umich.edu, and
obtain tokens.

(10) Try the same testing suite again:

Testing: Start->Run. "\\afs\all". I get the message: "This file does not
have a program associated with it for performing this action.
Create an association in the Folder Options control panel".

Testing: Start->Run. "\\afs\sph.umich.edu". Same message.

Testing: Start->Run. "\\afs\sph.umich.edu\user\s\scaron". Same message.

Testing: Start->Run. "cmd". From command prompt: "net use
\\afs\sph.umich.edu\user\s\scaron h:". We get the message: "The
network name cannot be found (system error 67)".

Testing: Click "Drive Letters" tab in AFS client. It comes up instantly thi=
s
time around. Click "Add". Select "Drive F", AFS path
"\afs\sph.umich.edu\user\s\scarno", submount "homes". I again get the error=
:

"AFS was unable to map the network drive to the specified path in AFS. Chec=
k
to make sure the drive letter is not currently in use"
"Error 0x00000043"

That didn't seem to help anything.

(11) Go to Network Connections->Advanced Settings. In "adapters and
bindings" I move the AFS (loopback) connection to the top of
the pile. Go to Provider Order tab and move OpenAFSDaemon to the very top o=
f
the heap (it was at the very bottom).

(reboot)

(12) I'm not even going to try and log into the Novell network this time
around. Log in to local machine only and run my series of test
commands again. Same results as above.

(13) It was suggested that I perhaps unbind NWLink IPX/SPX/NetBIOS
Compatible Transport Protocol from the Client for Microsoft
Networks. Go back into Network->Advanced Settings and do that. While I'm at
it, I see that TCP/IP has become unbound from the
Novell client. So I bind that back up while I'm there.

(reboot)

(14) Why not try and log into Novell this boot around? I still get the "Tre=
e
or server cannot be found" error. Let's login to the workstation
only and proceed again.

(15) Run my little suite of test commands again. Same results as above (no
change).

This is about where I stand now. I've tried some various other things: Hard
setting "NetBIOS over TCP/IP" to ON instead of taking settings
based on DHCP values, manually entering DNS servers, turning off Windows
firewall, etc. All seem to have no effect. I've repeated all this
for both the cases of loopback adaptor installed, and loopback adaptor not
installed, basically, with (roughly) the same effects. Some of
the errors I got without the loopback adaptor were a little different (I
remember getting a system error 53 a couple of times, among other
things).

I tried to be as exhaustive as possible in compiling my little report here;
I hope it isn't entirely too much wasted reading and writing for
myself and all of you out there on the list. I'm really hoping to be able t=
o
get this to work, or, failing that, at least be able to go to my
supervisor and say without a doubt that "the AFS client for Windows will no=
t
work with [our] Novell installation [because]...", so I want
to be sure that I pretty much left no stone unturned.

Thanks, everyone, for all the help thus far. Please don't hesitate to ask m=
e
about anything if you feel that you might need more knowledge
about my system environment to be able to offer any useful suggestions.

Regards,


Sean Caron

Associate Systems Administrator
University of Michigan School of Public Health
1-734-763-4206
scaron@umich.edu


On 3/3/06, Rodney M Dyer <rmdyer@uncc.edu> wrote:
>
> At 12:12 PM 3/3/2006, Jeffrey Altman wrote:
> >I have heard of other organizations having problems with both Novell and
> >OpenAFS clients on the same machines.  I have not had access to such a
> >configuration to be able to debug it.
>
> Just a note.  We run the Novell client without issues with OpenAFS and th=
e
> loopback adapter.  We DO NOT however use the Novell GINA module.  After w=
e
> install the Novell client, we replace the nwgina.dll back to
> msgina.dll.  We also place the afslogon.dll authenticator first in the
> providers list.
>
> Rodney
>
> Rodney M. Dyer
> Windows Systems Programmer
> Mosaic Computing Group
> William States Lee College of Engineering
> University of North Carolina at Charlotte
> Email: rmdyer@uncc.edu
> Web: http://www.coe.uncc.edu/~rmdyer
> Phone: (704)687-3518
> Help Desk Line: (704)687-3150
> FAX: (704)687-2352
> Office:  Cameron Applied Research Center, Room 232
>
>

------=_Part_14544_5995900.1141425132732
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Thanks for the suggestions so far. What I am doing is: I have a couple of s=
pare machines in my office that I am<br>
testing various configurations of the OpenAFS client on, so I can try all s=
orts of funky things and not have to<br>
worry about messing up a machine that someone is actually using. I set one =
up to test the behaviour of the<br>
client with the loopback adapter on, as so:<br>
<br>
(1) Wiped a machine a did a fresh load of our disk image (XP, Novell client=
, etc). Computer name is SPH-2002-0196.<br>
I saw some old post on the Internet implying that dashes in the hostname mi=
ght cause problems with the AFS<br>
client, but they dated from 2002 or 2003, so I'm assuming it doesn't matter=
 these days. I think I mentioned earlier<br>
that I tried a system with a boring alphanumeric only name (SPHAFSTEST) and=
 it didn't help anything.<br>
<br>
(reboot)<br>
<br>
(2) Installed MIT Kerberos v3.0.0 with all default settings on; krb5.ini ha=
s been properly customized for our site.<br>
Kerberos is set to start automatically when Windows starts (as would make s=
ense). (side note: MIT Kerberos seems to<br>
work fine in and of itself. It gladly will go authenticate and get
tokens). I did this as an administrator; normal users wouldn't<br>
normally be allowed to install software given the way we have security set =
up on our workstation disk image.<br>
<br>
(reboot)<br>
<br>
(3) Installed OpenAFS Windows Client v1.4.0 (as an administrator) WITH the =
loopback adaptor installed this time. Use our<br>
CellServDB file that actually includes our site. Set AFS cell name to &quot=
;<a href=3D"http://sph.umich.edu">sph.umich.edu</a>&quot;. Everything else =
is set per installation<br>
defaults (AFS crypt security =3D on, AFS freelance client =3D on, DNS cells=
erver search =3D on, start afscreds on login =3D on, auto<br>
initialize afscreds =3D on, renew drivemaps =3D on, ip change detection =3D=
 on, quiet =3D on). Installer completes successfully.<br>
<br>
(reboot)<br>
<br>
(4) Now my test workstation is back online, sitting at the login
prompt. I try to login to the Novell network (client version 4.91, by<br>
the way). Now it doesn't work! &quot;The tree or server cannot be found. Ch=
oose a different tree or server....&quot;. OK. Let's log in as<br>
&quot;Workstation only&quot;. Did the Novell client get bound up in the loo=
pback adapter or something? Can this be dealt with? I know very<br>
little about Novell (I am a new hire at SPH, and mostly a UNIX guy).<br>
<br>
(5) So I log in to the local machine only and get the AFS Client &quot;Obta=
in New AFS tokens&quot; dialog box. Enter username and password<br>
and authenticate to cell &quot;<a href=3D"http://sph.umich.edu">sph.umich.e=
du</a>&quot;. Wait a minute or two, and the tickets show up in the MIT Kerb=
eros Network Identity<br>
Manager. So at least authentication and ticketing is all good.<br>
<br>
(6) Testing: Start-&gt;Run. &quot;\\afs\all&quot;. I get the message: &quot=
;This file
does not have a program associated with it for performing this action.<br>
Create an association in the Folder Options control panel&quot;.<br>
<br>
OK.<br>
<br>
Testing: Start-&gt;Run. &quot;\\afs\sph.umich.edu&quot;. Same message.<br>
<br>
Testing: Start-&gt;Run. &quot;\\afs\sph.umich.edu\user\s\scaron&quot;. Wait=
 a second or two... same message.<br>
<br>
Testing: Start-&gt;Run. &quot;cmd&quot;. From command prompt: &quot;net use=
 \\afs\sph.umich.edu\user\s\scaron h:&quot;. We get the message: &quot;The<=
br>
network name cannot be found (system error 67)&quot;.<br>
<br>
Testing: Click &quot;Drive Letters&quot; tab in AFS client. It sits for a w=
hile
(30 secs - 1 minute). Click &quot;Add&quot;. Select &quot;Drive F&quot;, AF=
S path<br>
&quot;\afs\sph.umich.edu\user\s\scaron&quot;, submount &quot;homes&quot;. I=
 get the error:<br>
<br>
&quot;AFS was unable to map the network drive to the specified path in AFS.
Check to make sure the drive letter is not currently in use&quot;<br>
&quot;Error 0x00000043&quot;<br>
<br>
(i was thinking about it and it hit me that 43 hex =3D 67 decimal so i gues=
s NETWORK NAME CANNOT BE FOUND is the issue here)<br>
<br>
(7) Check network properties. We have two connections installed.<br>
<br>
One is called AFS and is bound to the loopback adaptor. Uses items:
Novell client for Windows, Client for Microsoft networks, Remote<br>
management, Novell workstation manager, Novell distributed print services, =
TCP/IP<br>
<br>
The other is the default Local Area Network connection. Uses items:
Novell client for Windows, Client for Microsoft networks, QoS<br>
packet scheduler, Remote management, Novell workstation manager, Novell dis=
tributed print services, TCP/IP. Windows firewall is<br>
on. We use DHCP to get all network card parameters &amp; DNS server
information. TCP/IP filtering is off. NetBIOS is set to &quot;Use NetBIOS<b=
r>
setting from DHCP server. If static IP address is used or DHCP server
does not provide NetBIOS setting, enable NetBIOS over TCP/IP&quot;<br>
<br>
I see that we don't actually have a NetBIOS protocol installed by default o=
n our load. Let's do it manually for now.<br>
<br>
(8) Add protocol: NWLink IPX/SPX/NetBIOS Compatible Transport Protocol
(this is the only NetBIOS protocol available in the list).<br>
Install it.<br>
<br>
(reboot)<br>
<br>
(9) So we're back at the login prompt and you still can't log in to
Novell. We get the same &quot;The tree or server cannot be found...&quot; m=
essage.<br>
Let's login to local workstation only again and proceed. Once again I
am able to successfully log in, authenticate to <a href=3D"http://sph.umich=
.edu">sph.umich.edu</a>, and<br>
obtain tokens.<br>
<br>
(10) Try the same testing suite again:<br>
<br>
Testing: Start-&gt;Run. &quot;\\afs\all&quot;. I get the message: &quot;Thi=
s file does
not have a program associated with it for performing this action.<br>

Create an association in the Folder Options control panel&quot;.<br>
<br>
Testing: Start-&gt;Run. &quot;\\afs\sph.umich.edu&quot;. Same message.<br>

<br>

Testing: Start-&gt;Run. &quot;\\afs\sph.umich.edu\user\s\scaron&quot;. Same=
 message.<br>

<br>

Testing: Start-&gt;Run. &quot;cmd&quot;. From command prompt: &quot;net use=
 \\afs\sph.umich.edu\user\s\scaron h:&quot;. We get the message: &quot;The<=
br>

network name cannot be found (system error 67)&quot;.<br>

<br>
Testing: Click &quot;Drive Letters&quot; tab in AFS client. It comes up ins=
tantly
this time around. Click &quot;Add&quot;. Select &quot;Drive F&quot;, AFS pa=
th<br>
&quot;\afs\sph.umich.edu\user\s\scarno&quot;, submount &quot;homes&quot;. I=
 again get the error:<br>

<br>

&quot;AFS was unable to map the network drive to the specified path in AFS.
Check to make sure the drive letter is not currently in use&quot;<br>

&quot;Error 0x00000043&quot;<br>
<br>
That didn't seem to help anything.<br>
<br>
(11) Go to Network Connections-&gt;Advanced Settings. In &quot;adapters and
bindings&quot; I move the AFS (loopback) connection to the top of<br>
the pile. Go to Provider Order tab and move OpenAFSDaemon to the very top o=
f the heap (it was at the very bottom).<br>
<br>
(reboot)<br>
<br>
(12) I'm not even going to try and log into the Novell network this
time around. Log in to local machine only and run my series of test<br>
commands again. Same results as above.<br>
<br>
(13) It was suggested that I perhaps unbind NWLink IPX/SPX/NetBIOS Compatib=
le Transport Protocol from the Client for Microsoft<br>
Networks. Go back into Network-&gt;Advanced Settings and do that. While I'm=
 at it, I see that TCP/IP has become unbound from the<br>
Novell client. So I bind that back up while I'm there.<br>
<br>
(reboot)<br>
<br>
(14) Why not try and log into Novell this boot around? I still get the
&quot;Tree or server cannot be found&quot; error. Let's login to the workst=
ation<br>
only and proceed again.<br>
<br>
(15) Run my little suite of test commands again. Same results as above (no =
change).<br>
<br>
This is about where I stand now. I've tried some various other things:
Hard setting &quot;NetBIOS over TCP/IP&quot; to ON instead of taking settin=
gs<br>
based on DHCP values, manually entering DNS servers, turning off
Windows firewall, etc. All seem to have no effect. I've repeated all
this<br>
for both the cases of loopback adaptor installed, and loopback adaptor
not installed, basically, with (roughly) the same effects. Some of<br>
the errors I got without the loopback adaptor were a little different
(I remember getting a system error 53 a couple of times, among other<br>
things).<br>
<br>
I tried to be as exhaustive as possible in compiling my little report
here; I hope it isn't entirely too much wasted reading and writing for<br>
myself and all of you out there on the list. I'm really hoping to be
able to get this to work, or, failing that, at least be able to go to my<br=
>
supervisor and say without a doubt that &quot;the AFS client for Windows
will not work with [our] Novell installation [because]...&quot;, so I want<=
br>
to be sure that I pretty much left no stone unturned.<br>
<br>
Thanks, everyone, for all the help thus far. Please don't hesitate to
ask me about anything if you feel that you might need more knowledge<br>
about my system environment to be able to offer any useful suggestions.<br>
<br>
Regards,<br>
<br>
<br>
Sean Caron<br>
<br>
Associate Systems Administrator<br>
University of Michigan School of Public Health<br>
1-734-763-4206<br>
<a href=3D"mailto:scaron@umich.edu">scaron@umich.edu</a><br>
<br>
<br><div><span class=3D"gmail_quote">On 3/3/06, <b class=3D"gmail_sendernam=
e">Rodney M Dyer</b> &lt;<a href=3D"mailto:rmdyer@uncc.edu">rmdyer@uncc.edu=
</a>&gt; wrote:</span><blockquote class=3D"gmail_quote" style=3D"border-lef=
t: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1=
ex;">
At 12:12 PM 3/3/2006, Jeffrey Altman wrote:<br>&gt;I have heard of other or=
ganizations having problems with both Novell and<br>&gt;OpenAFS clients on =
the same machines.&nbsp;&nbsp;I have not had access to such a<br>&gt;config=
uration to be able to debug it.
<br><br>Just a note.&nbsp;&nbsp;We run the Novell client without issues wit=
h OpenAFS and the<br>loopback adapter.&nbsp;&nbsp;We DO NOT however use the=
 Novell GINA module.&nbsp;&nbsp;After we<br>install the Novell client, we r=
eplace the nwgina.dll back to
<br>msgina.dll.&nbsp;&nbsp;We also place the afslogon.dll authenticator fir=
st in the<br>providers list.<br><br>Rodney<br><br>Rodney M. Dyer<br>Windows=
 Systems Programmer<br>Mosaic Computing Group<br>William States Lee College=
 of Engineering
<br>University of North Carolina at Charlotte<br>Email: <a href=3D"mailto:r=
mdyer@uncc.edu">rmdyer@uncc.edu</a><br>Web: <a href=3D"http://www.coe.uncc.=
edu/~rmdyer">http://www.coe.uncc.edu/~rmdyer</a><br>Phone: (704)687-3518<br=
>
Help Desk Line: (704)687-3150<br>FAX: (704)687-2352<br>Office:&nbsp;&nbsp;C=
ameron Applied Research Center, Room 232<br><br></blockquote></div><br>

------=_Part_14544_5995900.1141425132732--