-This file is a rough list of known issues with the 1.3.63 release of OpenAFS
+This file is a rough list of known issues with the 1.3.80 release of OpenAFS
on Windows. This list is not complete. There are probably other issues
which can be found in the RT database or on the mailing list.
(1) File/Directory access is not integrated with windows security
-(2) tokens are assigned to the service on a system global basis. Therefore,
-all users and processes on the machine are able to access files with the
-list of available tokens. This is dangerous if anonymous logins are enabled;
-or if multiple users are on the machine (ie, Terminal Server or XP user
-switching)
-
(3) SMB LANA list is static.
(3a) IP address changes cause the service to terminate due to an assertion
in smb_Listener() thread.
-(3b) New IP addresses do not get bound
+(3b) New IP addresses do not get bound to the SMB server
(3c) Loopback adapter hack:
(i) prevents use of AFS Gateway
and RX protocol operations. There was also an issue with large numbers of
page faults which have since been fixed.
-(5) The AFS SMB code logs numerous 1002 events each day. This is caused
-when an invalid SMB message are being processed from within the client.
-It is unclear if the invalid SMB message has been received or is being sent.
-
-(6) The AFS client service causes MRxSMB to produce 3019 events. This is probably
-the result of either malformed messages or invalid LANA values being used.
-
-(7) There appear to be directory locking problems associated with renaming
-directories.
+Things are not quite this bad anymore. We are 10% slower than OpenAFS on
+Linux but we could still be doing quite a bit faster if we were using an
+IFS.
-(8) File termination differences between Win9x and nt/w2k/xp (Jim Peterson)
+(7) File termination differences between Win9x and nt/w2k/xp (Jim Peterson)
-(9) How to silence "Explorer" when the mapped drive is not available?
+(8) How to silence "Explorer" when the mapped drive is not available?
-(10) Convert to IFS!!!!!!
+(9) Convert to IFS!!!!!!
-(11) Kerberos 5 integration:
-(11f) allow arbitrary cell to realm mappings
-(11g) modify UI to allow user to choose whether to authenticate
+(10) Kerberos 5 integration:
+(10f) allow arbitrary cell to realm mappings
+(10g) modify UI to allow user to choose whether to authenticate
using Kerberos or AFS
-(11h) modify UI to allow user to select an existing principal to
+(10h) modify UI to allow user to select an existing principal to
be used to request AFS tokens
-(11i) modify UI to display Kerberos 5 ticket info (principal,
+(10i) modify UI to display Kerberos 5 ticket info (principal,
ticket lifetimes, etc)
-(12) Default cell is system global just like everything else. Different
+(11) Default cell is system global just like everything else. Different
users logging in via Integrated Logon or using afscreds.exe cannot
be automatically prompted for different cells
-(13) AFS Integrated Logon:
-(13a) Obtain tokens via Kerberos 5
-(13b) If using Kerberos, need to figure out a means of passing credentials
+(12) AFS Integrated Logon:
+(12b) If using Kerberos, need to figure out a means of passing credentials
into the user space until such time as I finish the new credential
cache service.
-(13c) If network is not available must store the username and password
+(12c) If network is not available must store the username and password
somewhere until such time as the network starts.
-(14) Loopback adapter is not always installed with bindings to "File and
- Printer Sharing for Microsoft Networks" or "Client for Microsoft
- Networks". If these are not bound then SMB names will successfully
+(13) Loopback adapter is not always installed without bindings to "File and
+ Printer Sharing for Microsoft Networks" and with bindings to "Client for Microsoft
+ Networks". If these are not bound correct then SMB names will successfully
be published to a list of zero which causes the AFS not to function.
We need a way to test whether the Loopback adapter is properly bound
so we know if it is safe to use. Actually, it is worse. Even with
the bindings on Win2000 the loopback adapter frequently fails to publish
SMB names. Of course, the error messages report nothing.
-(15) If a drive mapping is "in use", then afscreds cannot be used to Modify
+(14) If a drive mapping is "in use", then afscreds cannot be used to Modify
or Delete the Mapping. If a map to "H:" to \afs\cell\foo" with
description "home" is modified to point to \afs\cell\bar, then the
description must be unique. "home" cannot be reused. We need a way
to remove "home" from the submount list.
-(16) WinAFS configuration values are still stored in old style INI files
- instead of using the Registry. This is especially important for
- per-user values such as drive mappings
+ [Actually, an end user should not be able to modify the submount list]
-(17) Drive mappings are lost on WinXP after return from Standby. (This could
+(15) Drive mappings are lost on WinXP after return from Standby. (This could
be because the AFS Client Service fails OR because the RX protocol is
temporarily unable to access the Cell due to network restore timing
issues.)
-(18) No support for Unicode filenames. Translations make file unreadable
+(16) No support for Unicode CIFS/SMB data structures. OEM Code Pages prevent
+ the use of interoperable file names; force the use of paths no longer
+ than 256 characters; force share names to be no longer than 13
+ characters; restrict authentication to ASCII only names and passwords;
+ etc.
-(19) No auto-restart on service failure
+(17) No auto-restart on service failure
-(20) Better EventLog handling
+(18) Better EventLog handling
-(21) Named Pipes Support
+(19) Named Pipes Support [requires modifications to AFS servers to support]
-(22) Memory Mapped File support
+(20) Memory Mapped File support
-(23) Large file support
+(21) Large file support [both SMB/CIFS and AFS]
-(24) Execution of debug builds indicates corruption of run time library
- allocated memory blocks due to buffer overruns. This may be the
- result of improper object locking or out of bounds access.
+(22) Implement persistent disk based cache which survives restarts
-(25) AFS Shell Extensions do not work on UNC paths of the form \\AFS\...
- They only work on mapped drives.
+(23) NSIS Installer issues
+ (a) integration with KFW install script
+ (b) Optional removal of AFS Server volumes
-(26) Implement persistent disk based cache which survives restarts
-
-(27) NSIS Installer issues for re-installs
- (a) AFS Server Configurator should not start on update
- (b) AFS Server Volumes and Configuration Data should not be
- removed on uninstall
-
-(28) The User Interface needs to be re-designed to separate the per-user
+(24) The User Interface needs to be re-designed to separate the per-user
and per-machine settings. All of the new registry items need to
be added to the UI
-(29) Windows XP SP2 and Windows 2003 SP1 are going to lockdown the
- machine. We need to add code to programatically open the
- Internet Connection Firewall to the ports needed by the various
- AFS services.
+(25) CIFS Remote Administration Protocol implementation is incomplete.
+ Notifications are not made to requestors when the view of a file
+ or folder changes due to token acquisition; token expiration; or
+ token destruction
+
+(26) Remove submount creation as a side effect of AFS drive mapping.
+
+ The AFS Submount is effectively a server side alias for a path
+ located in the AFS space. This alias is exported by the AFS
+ SMB/CIFS Server to the Windows SMB/CIFS client as a Share name.
+ This makes the AFS Submount a system global setting which should
+ only be modified by a member of the "AFS Client Admin" group.
+
+ afs_creds.exe and afs_config.exe should be modified to no longer
+ use submount names when creating drive maps. Drive maps should
+ simply use the full AFS path name. Submounts should not be
+ created as a side effect of a drive mapping.
+
+ The creation of submounts should only be possible via afsshare.exe
+ or by the new AFS Client Service Administration tool when executed
+ by an authorized user.
+
+
+-------------------------------------------------------------------------
+List of unfunded projects:
+
+ 1. No longer use AFS Client Service "cell" as the default cell for individual users
+ 2. Prevent panic situation when the root.afs volume is not reachable and
+ the AFS Client Server is not using Freelance mode
+ 3. Prevent panic situation when the IP address to which the SMB server is bound is removed
+ from the local machine's network configuration
+ 4. Add support for Named Pipes within the afs filesystem
+ (This is not currently a supported feature of AFS; it will require
+ changes to the servers as well as the clients.)
+ 5. Re-write afscreds.exe to support:
+ 1. choosing between Kerberos 5 and Kerberos 4 on a per principal basis
+ 2. providing users with the ability to map multiple cells to a single principal
+ 3. providing change password functionality on a per principal basis
+ 4. no longer include drive mapping
+ 5. configuration of afscreds startup options in shortcut
+ 6. Re-write afs_config.exe to be only "per user" functionality which does not require admin
+ privileges
+ 1. default cell and principal for the user
+ 2. drive mappings but no submounts
+ 3. visibility of afs creds and setting of afs creds startup options
+ 7. Create new afs_admin.exe tool to be installed in the administrator folder (or use MMS)
+ which contains
+ 1. afs client service cell name
+ 2. integrated logon configuration
+ 3. Gateway configuration
+ 4. start/stop service
+ 5. global drive mapping
+ 6. submount management
+ 7. file/volume server preferences
+ 8. afs cells
+ 9. cache configuration
+ 10. diagnostics
+ 11. network configuration
+ 12. miscellaneous
+ 13. need to add support for all of the new registry values since 1.2.8
+ 8. Identify why 16-bit DOS applications executed out of AFS fail
+ 9. Add support for configurable Icon file representing AFS folders within the Explorer Shell
+ 10. Documentation Documentation Documentation
+ 11. Large File support (> 2GB) in SMB/CIFS client
+ 12. Integrate KFW installation into the NSIS and MSI installers
+ 13. Add support for record locking to AFS (requires changes to the servers)
+ 14. Unicode enable the SMB/CIFS server. OEM Code Pages:
+ 1. prevent the use of interoperable file names
+ 2. force the use of paths no longer than 256 characters
+ 3. force share names to be no longer than 13 characters
+ 4. restrict authentication to ASCII only names and passwords
+ 15. Complete implementation of CIFS Remote Administration Protocol
+ 16. Add support for SMB/CIFS Digital Signatures
+ 17. Development of afsmap.exe tool to provide AFS aware NET USE functionality
+ afsmap.exe <drive> <afs-path> [/PERSISTENT]
+ afsmap.exe <drive> <unc-path> [/PERSISTENT]
+ afsmap.exe <drive> /DELETE
+ 18. Missing SMB/CIFS functions:
+ Find
+ FindUnique
+ FindClose
+ ReadBulk
+ WriteBulk
+ WriteBulkData
+ Tran2::SessionSetup
+ 19. StoreBehind mode is not implemented. Or more correctly, all data is
+ written directly to the server and is not cached. Writes invalidate
+ the local cache entries which are then read back from the server.
+ 20. Develop an optional Installable File System replacement for the SMB/CIFS
+ Server.
+ 21. Add support for storing Extended Attributes on files
+ 22. Add support for storing Windows ACLs on files
+ 23. Remove submount creation as a side effect of drive creation
+ 24. Finish conversion from string.h to strsafe.h for VS.NET 2005
+
git://git.openafs.org / openafs.git / blobdiff