ARCHIVED: At IU, how do I install and configure OpenAFS on my Windows workstation for use with the RFS?
To access your account on the Indiana University Research File System (RFS) from a Windows workstation, download and install MIT Kerberos for Windows and the OpenAFS client. Each program is a separate package; they are not bundled together. To install them, you will need to log into the workstation as an administrator.
On this page:
- Installing MIT Kerberos for Windows
- Installing OpenAFS for Windows
- Instructions for 64-bit Windows 7
- Using Kerberos and OpenAFS
Installing MIT Kerberos for Windows
Installing MIT Kerberos for Windows will enable authenticate to the ADS.IU.EDU Kerberos realm.
Note: The following installation instructions are for version 3.2.2, which is not the latest or current release. For information about other versions, see the MIT Kerberos Distribution page.
- Download the MIT
Kerberos for Windows 3.2.2 installer
(
kfw-3-2-2.exe
). When the download is complete, click the installer to start the installation. - Follow the on-screen prompts to:
- Select a language.
- Start the
MIT Kerberos for Windows 3.2.2 Setup Wizard
. - Accept the terms of the license agreement.
- Select the and components for installation.
- Select a destination folder for the installation; the default path
is
C:\Program Files (x86)\MIT\Kerberos
. - The Kerberos Configuration dialog box will prompt you to select a
method for installing configuration files for the Kerberos client;
select
http://storage.iu.edu
, and then click .
and, in the corresponding
text box, enter - Choose whether or not to autostart the Network Identity Manager whenever you log into Windows, and then click .
- When the installation is complete, click to close the setup wizard.
Installing OpenAFS for Windows
The OpenAFS client for Windows allows your Windows workstation to communicate with the IU AFS cell servers. To install the OpenAFS client:
- On the OpenAFS for Windows page, scroll down and click . Download and run the installation program. You will be asked to select an installer language.
- In the "Choose Components" window, select . Make sure the and options are selected.
- Select a location to install OpenAFS.
- In the "CellServDB Configuration" window, choose the location of
the
CellServDB
file by selecting . In the box below the selection, enter: - In the "Client Cell Name Configuration" window, set the AFS cell
name to
IU.EDU
. Leave the other client options at their default values. - Retain the default options in the "AFS Credentials Configuration" window. Click .
- After the install is complete, configure your Kerberos file
(
c:\Windows\krb5.ini
) for IU: - Use to open Notepad (go to , then , right-click , and then select ), and then open:
- Copy the contents of the IU Kerberos configuration,
paste it into
c:\Windows\krb5.ini
, replacing the entire file, and then save the file. - Start the Network Information Manager (go to notification area. , then , and then ). It may appear as a small white cube in the
- Select , and then enter your IU username.
- Make sure "Realm" is set to
ADS.IU.EDU
, and then enter your IU passphrase. - Under "Options", choose
ADS.IU.EDU
.
. The default
realm should be - Click .
- Under "File", choose , and then click .
- On the left, click , and then click .
- For "Cell Name", enter
iu.edu
. - On the
Shift
-click the last cell in the list, and then click ).
tab, remove all cells (click the
first cell, then - Click
iu.edu
.
. "AFS Cell" should be
- Click until all windows are closed, and then reboot your computer.
- You should see a login window for obtaining a new AFS token. Enter your IU username and passphrase.
http://storage.iu.edu/CellServDB.txt
The OpenAFS client will now install the software. You will be prompted to reboot your workstation when the process is complete.
c:\Windows\krb5.ini
Add the following servers:
rfsb1.rfs.iu.edu rfsi1.rfs.iu.edu rfsi2.rfs.iu.edu
You should now be able to map a drive to your directory in AFS
(e.g., \\afs\iu.edu\home\d\v\dvader
).
Instructions for 64-bit Windows 7
Users of 64-bit Windows 7 will have to install 64-bit versions of Kerberos and OpenAFS:
- Download and install 64-bit Kerberos for Windows, using the install package from Secure Endpoints Inc., and choose the default install.
- After the install is complete, configure your Kerberos file
(
c:\Windows\krb5.ini
) for IU: - Use to open Notepad (go to , then , right-click , and then select ), and then open:
- Copy the contents of the IU Kerberos configuration,
paste it into
c:\Windows\krb5.ini
, replacing the entire file, and then save the file. - Download and install the 64-bit OpenAFS client for Windows, using the install package from OpenAFS.org, and choose the typical install:
- "Default cell" is
iu.edu
. - Leave other entries and checkboxes as they are.
- Click to indicate you will reboot your computer.
- After the install is complete, start the Network Information Manager (go to notification area. , then , and then ). It may appear as a small white cube in the
- Select , and then enter your IU username.
- Make sure "Realm" is set to
ADS.IU.EDU
, and then enter your IU passphrase. - Under "Options", choose
ADS.IU.EDU
.
. The default
realm should be - Click .
- Under "File", choose , and then click .
- On the left, click , and then click .
- For "Cell Name", enter
iu.edu
. - On the
Shift
-click the last cell in the list, and then click ).
tab, remove all cells (click the
first cell, then - Click
iu.edu
.
. "AFS Cell" should be
- Click until all windows are closed, and then reboot your computer.
- You should see a login window for obtaining a new AFS token. Enter your IU username and passphrase.
c:\Windows\krb5.ini
Add the following servers:
rfsb1.rfs.iu.edu rfsi1.rfs.iu.edu rfsi2.rfs.iu.edu
You should now be able to map a drive to your directory in AFS
(e.g., \\afs\iu.edu\home\d\v\dvader
).
Using Kerberos and OpenAFS
To verify that Kerberos and OpenAFS are working correctly, access
the drive to which you mapped your RFS account (via Windows
Explorer, or by entering Run
in the Windows 7 or
Vista menu search field). You should be able to
perform the usual file- and folder-related operations.
After you've configured OpenAFS on your workstation, the behavior of the Kerberos Ticket Manager will depend on the nature of your subsequent logins. If you log into the ADS realm, you will see the ticket initialization prompt, which prompts you for your username and passphrase.
Kerberos tickets and AFS tokens have a lifetime of ten hours. If your session exceeds ten hours, you can ensure continued access to RFS by clicking
in the Leash Kerberos Ticket Manager menu and selecting .
This is document arxq in the Knowledge Base.
Last modified on 2018-01-18 14:56:24.