[OpenAFS] OpenAFS 1.6.0002, Windows 64: RPC Server in unavailable

Jeffrey Altman jaltman@secure-endpoints.com
Fri, 09 Sep 2011 12:26:34 -0400

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On 9/9/2011 11:14 AM, John Tang Boyland wrote:
> I have a new crop of students trying to install OpenAFS on Windows.
> I have a student who is able to get Tickets and AFS tokens with NIM:
> aklog -d -c cs.uwm.edu
> says that there are identical tokens already and doesn't do anything.

AFS tokens are simply a Kerberos 5 service ticket with some metadata
wrapping.  If the token that would be set is already present in the
cache manager, aklog won't set it a second time.

> (aklog -d tries to get tickets from openafs.org, but that's probably
> an incautious installation problem that is irrelevant to this problem.)=

The workstation cell name is set to "openafs.org".  Set it to the thing
you want it to be.

> NET VIEW \\AFS shows everything is fine.  (It shows the version 1.6.000=
> and mount points for cs.uwm.edu etc.)

Freelance mode is in use therefore all of this data is being delivered
from the registry.

> BUT,
> when they go to \\afs\cs.uwm.edu
> it says that they don't have access to the remote location because the
> "RPC Server is unavailable".

Which is an indication that the file server is considered to be down or
cannot be reached or that volume location information is unavailable for
the root.cell volume.

"fs checkservers -all -fast"  will print the current status for all
known servers.

"fs checkservers -all" will actually ping the servers and report back.

> We went to Norton Firewall and added a rule at the top to allow ALL
> outgoing connections.  Rebooted, still "RPC Server is unavailable"

More important is permitting all incoming connections to port 7001 so
that the servers can communicate with the client.

> NB: The cell cs.uwm.edu is open to system:anyuser, and so shouldn't
> require tokens anyway.

access control doesn't matter when you aren't communicating with the serv=

Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

Version: GnuPG v1.4.9 (MingW32)