[OpenAFS] Windows Vista and strange problem with OpenAFS Authentication
Jeffrey Altman
jaltman@secure-endpoints.com
Thu, 27 Aug 2009 09:39:21 -0400
Claudio Prono wrote:
>
> Jeffrey Altman ha scritto:
>> Claudio Prono wrote:
>>
>>> Hi to all,
>>>
>>> I have a strange problem with Authentication. The same OpenAFS Server
>>> works fine with other clients, but with mine i got an error like this
>>> when i try to authenticate:
>>>
>>> The AFS Client was unable to obtain tokens as cprono in cell domain.pri
>>>
>>> Error: 11862791 (Unknown code KTC 7)
>>>
>>> If i try to do a tokens.exe from prompt i have this:
>>>
>>> AFS device may not have started.
>>>
>>> Other strange thing is if i try to connect with \\afs, i see my own
>>> local shares (like a loopback)... is this normal?
>>>
>>> How i can debug that situation?
>>>
>>> Cheers,
>>>
>>> Claudio.
>>>
>> This is not normal. In fact, this sounds exactly like a bug
>> in the Vista release candidates that was fixed literally weeks
>> before release to manufacturing. In that case, the Netbios stack
>> would deliver messages for \\AFS to the local machine file sharing
>> server.
>>
>> Under this circumstance, it is impossible to communicate with
>> the AFS cache manager. Hence the error that the device may not
>> have been started.
>>
>> What is the output of "nbstat -n" and "nbstat -S"?
>>
>> What does %windir%\temp\afsd_init.log indicate?
>>
>> Jeffrey Altman
>>
>>
>> !DSPAM:70,4a956df7116561747729504!
>>
>>
>>
>>
>>
> There is my nbtstat :
>
> C:\Users\Cla75>nbtstat -S
>
> AFS:
> Indirizzo IP nodo: [0.0.0.0] ID ambito: []
>
> Nessuna connessione
>
> [cut]
>
> C:\Users\Cla75>nbtstat -n
>
> AFS:
> Indirizzo IP nodo: [0.0.0.0] ID ambito: []
>
> Nessun nome nella cache
>
> [cut]
>
> And there is my afsd_init log:
>
> 27/08/2009 11.14.00: SERVICE_CONTROL_APMRESUMEAUTOMATIC
> 27/08/2009 11.14.04: SERVICE_CONTROL_APMRESUMESUSPEND
> 27/08/2009 11.14.34: smb_LanAdapterChange
> 27/08/2009 11.14.34: Lan Adapter Change detected (255 != 14): lan list
> length changed 1 != 0
> 27/08/2009 11.14.34: LAN adapter number 14
> 27/08/2009 11.14.34: Using >CLA-NB2-AFS< as SMB server name
> 27/08/2009 11.14.34: smb_localNamep is >CLA-NB2-AFS<
> 27/08/2009 11.14.34: Netbios NCBRESET lana 14 error code 35
> 27/08/2009 11.14.34: lana_list.length 1
> 27/08/2009 11.14.34: Netbios NCBADDNAME lana=255 code=35 retcode=35
> complete=35
> 27/08/2009 11.14.34: Netbios NCBADDNAME added new name >CLA-NB2-AFS <
> 27/08/2009 11.14.34: Netbios NCBADDNAME lana 255 error code 35
> 27/08/2009 11.14.34: No valid LANA numbers found!
> 27/08/2009 11.14.34: smb_NetbiosInit smb_LANadapter=255
> 27/08/2009 11.14.45: smb_LanAdapterChange
> 27/08/2009 11.14.45: Lan Adapter Change detected (255 != 14): lan list
> length changed 1 != 0
> 27/08/2009 11.14.45: LAN adapter number 14
> 27/08/2009 11.14.45: Using >CLA-NB2-AFS< as SMB server name
> 27/08/2009 11.14.45: smb_localNamep is >CLA-NB2-AFS<
> 27/08/2009 11.14.45: Netbios NCBRESET lana 14 error code 35
> 27/08/2009 11.14.45: lana_list.length 1
> 27/08/2009 11.14.45: Netbios NCBADDNAME lana=255 code=35 retcode=35
> complete=35
> 27/08/2009 11.14.45: Netbios NCBADDNAME added new name >CLA-NB2-AFS <
> 27/08/2009 11.14.45: Netbios NCBADDNAME lana 255 error code 35
> 27/08/2009 11.14.45: No valid LANA numbers found!
> 27/08/2009 11.14.45: smb_NetbiosInit smb_LANadapter=255
>
> What means No valid LANA numbers found?
>
> Cheers,
>
> Claudio.
Your Microsoft Loopback Adapter is either misconfigured or disabled
and no other network adapter on the machine has a valid IP address
or all of the other adapters have Netbios disabled.
Essentially what this means that there is nowhere for the
AFS cache manager to bind a Netbios name to. Remove the Microsoft
Loopback adapter and uninstall OpenAFS and then reinstall OpenAFS.
If you have a network firewall/security product on the machine
that blocks Netbios traffic, get rid of it.
Jeffrey Altman