future directions for the afs client on window s
play

Future Directions for the AFS Client on Window s Jeffrey Eric - PowerPoint PPT Presentation

Jan 28, 2023 •549 likes •991 views

Future Directions for the AFS Client on Window s Jeffrey Eric Altman jaltman *at* secure-endpoints *dot* com Why am I here at SLAC? Introduce myself to the community Describe the state of OpenAFS on Windows today Describe the issues

  1. Future Directions for the AFS Client on Window s Jeffrey Eric Altman jaltman *at* secure-endpoints *dot* com

  2. Why am I here at SLAC? � Introduce myself to the community � Describe the state of OpenAFS on Windows today � Describe the issues which must be solved � Offer proposals for future directions � Obtain your feedback 2 AFS Best Practices '2004 OpenAFS Windows Futures

  3. Who am I and w hat do I do? � OpenAFS Gatekeeper for Windows • Audit code submissions • Manage Bug Requests • Build releases • Fix things • Plan for the future � MIT Kerberos for Windows maintainer � Project JXTA Board Member 3 AFS Best Practices '2004 OpenAFS Windows Futures

  4. What else have I done? � The Kermit Project • Cross platform (Unix, OS/2, Windows) � Internet Access Methods • Java based Person to Person collaboration software � Miscellaneous Network Security stuff • OpenSSL, Secure Remote Password, TELNET START_TLS, FTP AUTH TLS, SSH � Internet Engineering Task Force (IETF) 4 AFS Best Practices '2004 OpenAFS Windows Futures

  5. I have no AFS experience Why am I a Gatekeeper? � Windows development background � Networking experience � Security experience � Reputation from other projects � Volunteer 5 AFS Best Practices '2004 OpenAFS Windows Futures

  6. How bad things w ere … � OpenAFS on Windows was under supported � Other than the work added in 1.2.8 there have been close to zero changes since 1.0 � Submitted patches could not be applied as there was no one to audit them � Bugs placed in RT could not be responded to. 6 AFS Best Practices '2004 OpenAFS Windows Futures

  7. There is a new sheriff in tow n � All items in RT queue have at least been responded to if not fixed � Outstanding patches have been applied � Code submissions obtained and integrated � Resource leaks plugged � “Stable” OpenAFS 1.3.61 announced March 22 7 AFS Best Practices '2004 OpenAFS Windows Futures

  8. 1.2.11 vs. 1.3.61: Which definition of “stable” do w e mean? “Stable” meaning that the code does 1. not change very much from release to release providing predictability “Stable” meaning that the code 2. performs reliably without crashing unexpectedly or adversely impacting the performance of the system 8 AFS Best Practices '2004 OpenAFS Windows Futures

  9. Reasons 1.2.x is Not a Stable Release � Un-initialized variables � Memory leaks due to reference count management errors � Kernel object leaks due to reference count and usage errors � Thread deadlocks due to recursive use of single use lock implementation 9 AFS Best Practices '2004 OpenAFS Windows Futures

  10. More reasons 1.2.x is Not Stable � Memory allocated in one DLL is de- allocated in another � Operations which require both a pioctl and a RPC to send private data (ktc_GetToken and ktc_SetToken) are not atomic 10 AFS Best Practices '2004 OpenAFS Windows Futures

  11. Even more reasons … � The number of NetBIOS control blocks used in protocol operations (100) exceeds the number of objects which Windows can wait on simultaneously (64). � SMB messages with the “extended” bit set were not supported preventing file operations from being performed on a subset of files. 11 AFS Best Practices '2004 OpenAFS Windows Futures

  12. What is new in 1.3.61? � Code Donations � New functionality from: � Improved • Rob Murawski Performance • Joe Beuhler � Improved Reliability • MIT � New Installer • Morgan Stanley • Secure Endpoints � Improved Developer • Sine Nomine experience • Skyrope • others 12 AFS Best Practices '2004 OpenAFS Windows Futures

  13. New Build System � Supports • Microsoft Visual C++ 6.0; • Visual Studio .NET; and • Visual Studio .NET 2003 (release builds) � Only Windows 2000 and above � Windows 9X did not compile and there is no desire to fix it. 13 AFS Best Practices '2004 OpenAFS Windows Futures

  14. New NSIS Installer � Rob Murawski implemented a new installer using the Open Source Nullsoft Scriptable Installer Framework 2.0 � Supports new installs, uninstalls and upgrades from previous releases � Designed for interactive installs (not an MSI) 14 AFS Best Practices '2004 OpenAFS Windows Futures

  15. 15 NSIS Installer: Selecting OpenAFS Windows Futures AFS Best Practices '2004 Components

  16. 16 NSIS Installer: CellServDB OpenAFS Windows Futures AFS Best Practices '2004

  17. 17 OpenAFS Windows Futures AFS Best Practices '2004 NSIS Installer: Client Configuration

  18. \\afs\cellname\ � UNC paths of the form \\afs\cellname are now supported when using the MS Loopback adapter � The “NetbiosName” registry value can be used to specify alternatives to “afs” � No longer need to use \\afs\all\cellname 18 AFS Best Practices '2004 OpenAFS Windows Futures

  19. MIT Kerberos for Window s 2.6 Integration � Obtain tokens using Kerberos 5 and krb524d � Imports credentials from both the MSLSA and CCAPI credential caches � Automatically renews tokens and tickets as they approach expiration � Architecture supports obtaining tokens for multiple cells from a single krb5 tgt (no UI) � Not yet supported by Integrated Logon � Can be disabled on a per user basis (no UI) 19 AFS Best Practices '2004 OpenAFS Windows Futures

  20. Using DNS to resolve Cells (not new just not used) � Cells not specified in the %WINDIR%\afsdcell.ini (aka CellServDB) may be discovered via DNS � Windows DNS Query API now used instead of home grown implementation � No longer a need to configure DNS servers with %WINDIR%\afsdns.ini � Controlled by “UseDNS” registry value 20 AFS Best Practices '2004 OpenAFS Windows Futures

  21. Freelance mode (not new just not used) � No need for a home cell to provide mount points for other cells � Dynamically mounts cells upon first use � Stores local mount points in %WINDIR%\afs_freelance.ini � “fs mkmount” and “fs rmmount” may be used to configure mount lists � Controlled by “FreelanceClient” registry value � Provides for better disconnected user experience 21 AFS Best Practices '2004 OpenAFS Windows Futures

  22. Select Lan Adapter by Name � The display name of the LAN Adapters can be used as a means of specifying which LAN adapter should be used by the AFS Client Service. � Simply name the desired LAN Adapter “AFS” � This functionality may be disabled using the “NoFindLanaByName” registry value � This functionality is disable by default by the 1.3.61 NSIS installer. 22 AFS Best Practices '2004 OpenAFS Windows Futures

  23. Hidden Dot Files � Following Unix tradition, files/directories whose names begin with a period are given the Hidden attribute when the “HideDotFiles” registry value is set 23 AFS Best Practices '2004 OpenAFS Windows Futures

  24. Pow er Management Support � Automatic Flushing of Volume data upon receipt of Standby or Suspend Notifications 24 AFS Best Practices '2004 OpenAFS Windows Futures

  25. Compatibility w ith Cisco IPSec VPN Client � The maximum size of Rx packets must be kept no larger than 1292 bytes in order to pass through the Cisco IPSec VPN Client � Installer sets the “RxMaxMTU” registry value to 1260 to provide compatibility 25 AFS Best Practices '2004 OpenAFS Windows Futures

  26. Logging Changes � afsd_init.log and afsd.log moved to the %TEMP% directory (usually %WINDIR%\TEMP for the SYSTEM account) � Stack Trace data logged to afsd_init.log during assertion failure or unhandled exception 26 AFS Best Practices '2004 OpenAFS Windows Futures

  27. The Beginning of Per User Profile Information � HKLM\Software\OpenAFS\Client key used to set system default values � HKCU\Software\OpenAFS\Client key used to store user configuration data � Currently used for: • Token Expiration Reminders • Use of Kerberos for Windows • Show Tray Icon (afscreds.exe auto start) • afscreds.exe shortcut parameters 27 AFS Best Practices '2004 OpenAFS Windows Futures

  28. New afscreds.exe functionality � -A = if needed, obtain tokens automatically using available Kerberos credentials or display an obtain token dialog to the user � -M = renew drive mapping � -N = activate IP Address Change monitor. If new address is discovered and no tokens are present query KDC; if found present token dialog to the user � -Z = remove all drive mappings 28 AFS Best Practices '2004 OpenAFS Windows Futures

  29. Many other changes � Performance optimizations � Additional runtime configuration via the registry � Added instrumentation � Fixed “vos listaddrs” and “fs setserverprefs” � See the release notes for details 29 AFS Best Practices '2004 OpenAFS Windows Futures

  30. Know n Issues: Multi-user support � “Cell” registry value serves two orthogonal purposes • Specifies home cell for the AFS Client Service • Specifies the default cell to use when obtaining tokens � Drive mapping data is stored globally although drive maps are actually maintained by the shell per user � Mount points are global allowing users to alter the environment for others � Token leakage occurs when tokens are obtained via afscreds.exe, aklog.exe, or KfW’s Leash32.exe 30 AFS Best Practices '2004 OpenAFS Windows Futures

Recommend

DB Future Directions Future Directions The Future is hard to predict and is driven by

DB Future Directions Future Directions The Future is hard to predict and is driven by

DB Future Directions Future Directions The Future is hard to predict and is driven by technology trends, unforeseen events, special needs, previous commitments, policy, mistakes, innovation, etc. What follows is some personal

538 views • 20 slides
Future directions in convective Future directions in convective parameterization

Future directions in convective Future directions in convective parameterization

Future directions in convective Future directions in convective parameterization parameterization What has a NWP to do ? Provide best possible short-range Forecast (not too difficult with a good Analysis System) Provide best possible

595 views • 21 slides
SRS Client Future direction of SRS client Current Client Tested on 5 different distros in

SRS Client Future direction of SRS client Current Client Tested on 5 different distros in

SRS Client Future direction of SRS client Current Client Tested on 5 different distros in 32 bit and 64 bit Requires a dedicated test/build box Difficult Crypt::OpenPGP dependencies Poor error reporting Not thread

495 views • 5 slides
Future Directions in High Future Directions in High P Performance Computing Performance

Future Directions in High Future Directions in High P Performance Computing Performance

Future Directions in High Future Directions in High P Performance Computing Performance Computing P f f C C ti ti Jack Dongarra k INNOVATIVE COMP ING LABORATORY U i University of Tennessee i f T Oak Ridge National Laboratory

653 views • 46 slides
U.S. Climate Reference Network: Current Status and Future Directions Sharon LeDuc Michael

U.S. Climate Reference Network: Current Status and Future Directions Sharon LeDuc Michael

U.S. Climate Reference Network: Current Status and Future Directions Sharon LeDuc Michael Palecki National Climatic Data Center DOC/NOAA/NESDIS USCRN Current Status and Future Directions, May 2009 1 USCRN Goals Making science quality

316 views • 27 slides
Future Directions in Computer Arithmetic: Panel Milo s D. Ercegovac University of California

Future Directions in Computer Arithmetic: Panel Milo s D. Ercegovac University of California

Future Directions in Computer Arithmetic: Panel Milo s D. Ercegovac University of California at Los Angeles June 26, 2018 The best way to predict the future is to invent it - Alan Kay, Turing Award Winner; Young researchers can and

294 views • 15 slides
User Interface Software Tools Application UIMS Toolkit Window system/graphics package

User Interface Software Tools Application UIMS Toolkit Window system/graphics package

User Interface Software Tools Application UIMS Toolkit Window system/graphics package Operating system Hardware Window Systems Manage shared resources (pixels, keyboard, mouse), provide clipping, translation Tells client when

549 views • 3 slides
Future Directions for Global and Hemispheric Cooperation the role of WMO ystein Hov

Future Directions for Global and Hemispheric Cooperation the role of WMO ystein Hov

Future Directions for Global and Hemispheric Cooperation the role of WMO ystein Hov Norwegian Meteorological Institute, MSC-W, UiO chair OPAG EPAC of CAS (WMO) EMEP TFHTAP Brussels 15 June 2010 Protect life and property, safeguard the

745 views • 61 slides
Future Directions for Global and Hemispheric Cooperation the role of WMO ystein Hov

Future Directions for Global and Hemispheric Cooperation the role of WMO ystein Hov

Future Directions for Global and Hemispheric Cooperation the role of WMO ystein Hov Norwegian Meteorological Institute, MSC-W, UiO chair OPAG EPAC of CAS (WMO) EMEP TFHTAP Brussels 15 June 2010 Protect life and property, safeguard the

646 views • 37 slides
Engaged community and delivered Directions for the future Developed some detailed

Engaged community and delivered Directions for the future Developed some detailed

Engaged community and delivered Directions for the future Developed some detailed policy chapters as a second phase (not all completed) Neighbourhood Visions process ensued Climate change Population growth

713 views • 42 slides
Overview and Future Directions Dr Dr De Deborah Pri Price: Pro Program Di Director: Mas

Overview and Future Directions Dr Dr De Deborah Pri Price: Pro Program Di Director: Mas

Australian Curriculum: Overview and Future Directions Dr Dr De Deborah Pri Price: Pro Program Di Director: Mas aster of of Tea Teaching Sen Senior Lect Lecturer: Inc Inclu lusive Edu Educatio ion and and Well llbeing Aus

125 views • 11 slides
Landscape & Future Directions Jeremy Clark m A I e r e h W Jeremy Clark

Landscape & Future Directions Jeremy Clark m A I e r e h W Jeremy Clark

Blockchain Technology: Landscape & Future Directions Jeremy Clark m A I e r e h W Jeremy Clark Assistant Professor at the Concordia Institute for Information Systems Engineering (CIISE) in Montreal PhD from the University

568 views • 45 slides
Scheduling and routing problems at TNT Some solutions and some future research directions orensen

Scheduling and routing problems at TNT Some solutions and some future research directions orensen

Vehicle routing at TNT Algorithm Future research Scheduling and routing problems at TNT Some solutions and some future research directions orensen 1 J. Vandenbergh 1 D. Cattrysse 1 M. Sevaux 2 K. S 1 Centre for Industrial Management, KULeuven

187 views • 16 slides
Talk the Second Matthew Turk Questions Collaborations Future directions yt

Talk the Second Matthew Turk Questions Collaborations Future directions yt

Talk the Second Matthew Turk Questions Collaborations Future directions yt Survival Guide Questions Collaborations Future directions yt Survival Guide Kinds of questions What can we ask of our data? Three basic

1.08k views • 78 slides
e Oliver Lenord, Robert Bosch GmbH Corporate Research with contributions from all partners

e Oliver Lenord, Robert Bosch GmbH Corporate Research with contributions from all partners

Jubilee Symposium 2019: Future Directions of System Modeling and Simulation Standardizing eFMI for Embedded Systems with Physical Models in the Production Code Software Jubilee Symposium: Future Directions of System Modeling and Simulation Sept.

661 views • 20 slides
Amenity Driven Growth: Recent Trends and Future Directions Presented at Fresh Water and the

Amenity Driven Growth: Recent Trends and Future Directions Presented at Fresh Water and the

Amenity Driven Growth: Recent Trends and Future Directions Presented at Fresh Water and the Great Lakes Economic Future Workshop Federal Reserve Bank of Chicago, Detroit Branch Detroit, Michigan November 10, 2008 ___________ Mark

301 views • 26 slides
INNOVATIONS IN THE REASONED ACTION APPROACH: APPLICATIONS AND FUTURE RESEARCH DIRECTIONS Dr.

INNOVATIONS IN THE REASONED ACTION APPROACH: APPLICATIONS AND FUTURE RESEARCH DIRECTIONS Dr.

INNOVATIONS IN THE REASONED ACTION APPROACH: APPLICATIONS AND FUTURE RESEARCH DIRECTIONS Dr. Paul Branscum Miami University branscpw@miamioh.edu He who loves practice without theory is like the sailor who boards ship without a rudder

733 views • 58 slides
Research, Practice, and Future Directions of Dynamic Ridesharing M.M. Dessouky, S. Koenig, M.

Research, Practice, and Future Directions of Dynamic Ridesharing M.M. Dessouky, S. Koenig, M.

Research, Practice, and Future Directions of Dynamic Ridesharing M.M. Dessouky, S. Koenig, M. Furuhata, X. Wang, H. Xu University of Southern California F. Ordez, U.Chile Outline } Overview } Market Mechanism (Sven) } Agent Systems (Maged)

538 views • 38 slides
Multi-Threaded Servers December 6, 2007 1 Client-Server Communication Client Client Client

Multi-Threaded Servers December 6, 2007 1 Client-Server Communication Client Client Client

Multi-Threaded Servers December 6, 2007 1 Client-Server Communication Client Client Client Client Client Client Client Client Client Google Client Client Client Client Client Client Many clients; 1 server Server starts and then

333 views • 6 slides
Antiangiogenic therapy in GI cancer: current status and future directions Before starting

Antiangiogenic therapy in GI cancer: current status and future directions Before starting

Riccardo Giampieri, MD, PhD Universit Politecnica delle Marche Ospedali Riuniti di Ancona Antiangiogenic therapy in GI cancer: current status and future directions Before starting Summary - Antiangiogenesis in colorectal cancer: a

906 views • 51 slides
Optimizing Queries Using Window Functions Viceniu Ciorbaru Agenda What are window

Optimizing Queries Using Window Functions Viceniu Ciorbaru Agenda What are window

Optimizing Queries Using Window Functions Viceniu Ciorbaru Agenda What are window functions? Practical use cases Why are window functions fast? Development status in MariaDB What are window functions? Similar to

669 views • 52 slides
Current and Future Directions in User Interface Design & Why UX is Important! Anne Miller,

Current and Future Directions in User Interface Design & Why UX is Important! Anne Miller,

Current and Future Directions in User Interface Design & Why UX is Important! Anne Miller, PhD August 2017 1 Paper-based information systems Visible, interactive, observable, configurable in real-time, data entry & assessment

352 views • 12 slides
GAO REPORT RELEASE Climate Engineering: Technical Status, Future Directions, and Potential

GAO REPORT RELEASE Climate Engineering: Technical Status, Future Directions, and Potential

GAO REPORT RELEASE Climate Engineering: Technical Status, Future Directions, and Potential Responses Timothy M. Persons, Ph.D. Chief Scientist U.S. Government Accountability Office www.gao.gov Wilson Center Science and Technology Innovation

1.16k views • 25 slides
CHARTING FUTURE DIRECTIONS Jn Tura Department of Molecular Biology Faculty of Natural

CHARTING FUTURE DIRECTIONS Jn Tura Department of Molecular Biology Faculty of Natural

Current challenges in intellectual property rights and biotechnology Bansk Bystrica, May 2 and 3, 2007 CHARTING FUTURE DIRECTIONS Jn Tura Department of Molecular Biology Faculty of Natural Sciences Comenius Univ. in Bratislava

182 views • 14 slides

More recommend