[OpenAFS] Testing OpenAFS with Windows XP Roaming Profiles....

Jeffrey Altman jaltman@secure-endpoints.com
Wed, 29 Sep 2010 09:34:12 -0400

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On 9/28/2010 11:46 AM, Claudio Prono wrote:

> So, the problem is really when i log of from the Client, and OpenAFS
> can't write on the home dir into the AFS...
> But the permissions are right, as u can see...
> fs listacl claudio/
> Access list for claudio/ is
> Normal rights:
>   system:administrators rlidwka
>   system:anyuser rlidwka
>   claudio rlidwka
> fs listacl .msprofile/
> Access list for .msprofile/ is
> Normal rights:
>   system:administrators rlidwka
>   system:anyuser rlidwka
>   claudio rlidwka

With these permissions you do not require tokens to write to the volume
so lack of tokens is not your problem.

> But, when i am going to disconnect, the client can't write the
> profile.... Now i think can be a problem of OpenAFS, stopping services
> too early and makes AFS inaccessible too early... but i don't have the
> idea of how to resolve it (if it is the problem)...... I know the
> afslogon.dll have a special code can detect if the system is into a
> domain or not...  but how i can see if it works also into a samba+ldap
> domain?

The AFS service is not started as part of logon or shutdown as part of
logoff.   Your problem is elsewhere.

I would suggest that you start your debugging on the AFS file server
using a combination of audit log data and tcpdump.

=46rom Windows you want to use SysInternals' Process Monitor to log file
access from boot to a file and simply let it record all of the data for
an entire logon / logoff session.

Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

Version: GnuPG v1.4.9 (MingW32)