|
|
|---|
 |
Get Help!
Computer Problem
Network Problem
Printer Problem
Restore from backup
Register Host
Backup a host
Printer Access
UNIX Account
Policies
New Account Activation
Xenon Usage Policies
Security
University Policies
more...
FAQs & Documentation
Email @CS
AFS Primer
more...
About Us
CSD-CF Team
Services Provided
Supported Groups
Computing Environment
Software Downloads
Expected Downtimes
Pedit | Medit
Spam Filter Settings
Kerberos and AFS for Windows
This document describes how to access your CS AFS files from a Windows NT, 2000, or XP computer by installing Kerberos for Windows and the OpenAFS client.
Introduction
If you need to access your files in AFS (your CS home directory or group project web pages, for example), you must install two packages. First, the OpenAFS Client for Windows, allows your Windows NT, Windows 2000, or Windows XP computer communicate with the AFS server. Second, you must install Kerberos for Windows, which authenticates you to the CS kerberos realm, allowing you to access your files.
Installing OpenAFS for Windows
- Download the latest release (1.4.0) of OpenAFS for Windows.
- Run
the installer program you just downloaded. Note that the version show
in the following screen shots may differ slightly from the version you
will be running.
- Select the default components to install: AFS Client and MS Loopback Adapter are required, and Supplemental Documentation is optional.
- Choose a location to install OpenAFS. The default is recommended.
- Choose the location of the CellServDB file by selecting Use packages CellServDB file.
- Set the AFS cell name to cs.stanford.edu. We recommend leaving the other client options at their default values.
- Choose the AFS Crendentials settings. The boxes labeled Auto initialize AFS Credentials and Show credentials window on startup should NOT be checked. All other boxes SHOULD be checked.
- The OpenAFS client will now install the software. When it is finished, it will ask you if you want to reboot now. Choose I want to reboot manually later. Move on to the next section in these instructions to install Kerberos for Windows.
Installing Kerberos for Windows
- Download the latest release of Kerberos for Windows.
- Run
the installer program you just downloaded. Note that the version show
in the following screen shots may differ slightly from the version you
will be running.
- Agree to the copyright notice and legal administrivia.
- Choose the Kerberos for Windows components to install. KfW Client is required, all other components are optional.
- Tell the installer where to get a configuration file. Choose Download from web path, and enter http://cs.stanford.edu/config/krb5.ini. (If for some reason the installer fails to download this file, you can download it later and save it to C:\Windows\krb5.ini.)
- Set the the Leash ticket manager options you want. We recommend the default settings.
- The installer will setup the software. When it is finished, reboot your computer.
Using Kerberos and AFS
Now that you have Kerberos and OpenAFS installed on your Windows system, verify that both components are working correctly
Verify the proper operation of Kerberos by starting the Leash Kerberos Ticket Manager.
You should be able to initialize a ticket by entering your CS ID and password. The Realm drop down box should say CS.STANFORD.EDU.
If you are successful, the Leash icon (the dog head) on the Windows taskbar will turn green:
You can view your current tickets and tokens by double-clicking on the Leash icon. You should have Kerberos Four and Kerberos Five tickets, and an AFS token.
You should be able to access any files in AFS you are authorized to. You can get to your home directory, for instance, by entering the location \\afs\cs.stanford.edu\u\csid (where csid is your CS ID) into a Windows explorer window or mapping that location to a drive.
Remember that your tickets and tokens have a limited lifetime before they must be reinitialized. When your tickets have expired, the Leash icon in the Windows toolbar will turn red, and you loose access to your files.