[OpenAFS] Testing OpenAFS with Windows XP Roaming Profiles....

Claudio Prono claudio.prono@atpss.net
Wed, 29 Sep 2010 16:35:09 +0200 

Claudio Prono ha scritto:
>
>
> Jeffrey Altman ha scritto:
>> On 9/28/2010 11:46 AM, Claudio Prono wrote:
>>
>>   
>>> So, the problem is really when i log of from the Client, and OpenAFS
>>> can't write on the home dir into the AFS...
>>>
>>> But the permissions are right, as u can see...
>>>
>>> fs listacl claudio/
>>> Access list for claudio/ is
>>> Normal rights:
>>>   system:administrators rlidwka
>>>   system:anyuser rlidwka
>>>   claudio rlidwka
>>>
>>> fs listacl .msprofile/
>>> Access list for .msprofile/ is
>>> Normal rights:
>>>   system:administrators rlidwka
>>>   system:anyuser rlidwka
>>>   claudio rlidwka
>>>     
>>
>> With these permissions you do not require tokens to write to the volume
>> so lack of tokens is not your problem.
>>
>>   
>>> But, when i am going to disconnect, the client can't write the
>>> profile.... Now i think can be a problem of OpenAFS, stopping services
>>> too early and makes AFS inaccessible too early... but i don't have the
>>> idea of how to resolve it (if it is the problem)...... I know the
>>> afslogon.dll have a special code can detect if the system is into a
>>> domain or not...  but how i can see if it works also into a samba+ldap
>>> domain?
>>>     
>>
>> The AFS service is not started as part of logon or shutdown as part of
>> logoff.   Your problem is elsewhere.
>>
>> I would suggest that you start your debugging on the AFS file server
>> using a combination of audit log data and tcpdump.
>>
>> >From Windows you want to use SysInternals' Process Monitor to log file
>> access from boot to a file and simply let it record all of the data for
>> an entire logon / logoff session.
>>
>>
>>   
> You are right, the problem is when the Client exits, it tryies to
> write to \\dc\user\profile and not into \\afs\domain\users\user ....
> but the entry into the ldap is correct (homeDirectory:
> /afs/mediaservice-test.pri/users/claudio)... so i don't know why it
> try that.....
>> ------------------------------------------------------------------------
>>
>>     

Ok, now with Windows XP works...the problem is 2 wrong settings on Samba:

(little off topic but to someone can be useful)

logon path = \\afs\mediaservice-test.pri\users\%U\.msprofile
        logon home = \\afs\mediaservice-test.pri\%U\.9xprofile

now trying to make it work with Windows 7...but seems there are some
problem on domain join with samba...searching.... :)

Cheers,

Claudio.