[openafs.git] / doc / txt / winnotes / registry.txt

Registry keys and Environment Variables used in the Windows AFS Client
as of release 1.4.0000
======================================================================

REGISTRY KEYS:

1. Service parameters
---------------------

The service parameters primarily affect the behavior of the AFS client
service (afsd_service.exe).

Regkey:
[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters]

Value   : LANadapter
Type    : DWORD
Default : -1
Variable: LANadapter

  LAN adapter number to use.  This is the lana number of the LAN
  adapter that the SMB server should bind to.  If unspecified or set
  to -1, a LAN adapter with named 'AFS' or a loopback adapter will be
  selected.  If neither are present, then all available adapters will
  be bound to.  When binding to a non-loopback adapter, the NetBIOS
  name '%hostname%-AFS' will be used (where %hostname% is the NetBIOS
  name of the host truncated to 11 characters). Otherwise, the NetBIOS
  name will be 'AFS'.

Value   : CacheSize
Type    : DWORD
Default : 98304 (CM_CONFIGDEFAULT_CACHESIZE)
Variable: cm_initParams.cacheSize

  Size of the AFS cache in 1k blocks.

Value   : ChunkSize
Type    : DWORD
Default : 17 (CM_CONFIGDEFAULT_CHUNKSIZE)
Variable: cm_logChunkSize (cm_chunkSize = 1 << cm_logChunkSize)

  Size of chunk for reading and writing. Actual chunk size is 2^cm_logChunkSize.

Value   : Daemons
Type    : DWORD
Default : 2 (CM_CONFIGDEFAULT_DAEMONS)
Variable: numBkgD

  Number of background daemons (number of threads of
  cm_BkgDaemon). (see cm_BkgDaemon in cm_daemon.c)

Value   : ServerThreads
Type    : DWORD
Default : 25 (CM_CONFIGDEFAULT_SVTHREADS)
Variable: numSvThreads

  Number of SMB server threads (number of threads of smb_Server). (see
  smb_Server in smb.c).

Value   : Stats
Type    : DWORD
Default : 10000 (CM_CONFIGDEFAULT_STATS)
Variable: cm_initParams.nStatCaches

  Cache configuration.

Value   : LogoffPreserveTokens
Type    : DWORD {1,0}
Default : 0

  If enabled (set to 1), the Logoff Event handler will not attempt
  to delete the user's tokens if the user's profile is stored outside
  of AFS.

Value   : RootVolume
Type    : REG_SZ
Default : "root.afs"
Variable: cm_rootVolumeName

  Root volume name.

Value   : Mountroot
Type    : REG_SZ
Default : "/afs"
Variable: cm_mountRoot

  Name of root mount point.  In symlinks, if a path starts with
  cm_mountRoot, it is assumed that the path is absolute (as opposed to
  relative) and is adjusted accordingly. Eg: if a path is specified as
  /afs/athena.mit.edu/foo/bar/baz and cm_mountRoot is "/afs", then the
  path is interpreted as \\afs\all\athena.mit.edu\foo\bar\baz.  If a
  path does not start with with cm_mountRoot, the path is assumed to
  be relative and suffixed to the reference directory (i.e. directory
  where the symlink exists)
 

Value   : CachePath
Type    : REG_SZ or REG_EXPAND_SZ
Default : "%TEMP%\AFSCache"
Variable: cm_CachePath

  Location of on-disk cache file.  The default is the SYSTEM account's
  TEMP directory.  The attributes assigned to the file are HIDDEN and
  SYSTEM.


Value   : NonPersistentCaching
Type    : DWORD [0..1]
Default : 0
Variable: buf_CacheType

  When this registry value is set to a non-zero value, the CachePath
  value is ignored and the cache data is stored in the windows paging
  file.  This prevents the use of persistent caching (when available)
  as well as the ability to alter the size of the cache at runtime
  using the "fs setcachesize" command.


Value   : ValidateCache
Type    : DWORD [0..2]
Default : 1
Variable: buf_CacheType

  This value determines if and when persistent cache validation is 
  performed.
    0 - Validation is disabled
    1 - Validation is performed at startup
    2 - Validation is performed at shutdown


Value   : TrapOnPanic
Type    : DWORD {1,0}
Default : 0
Variable: traceOnPanic

  Issues a breakpoint in the event of a panic. (breakpoint: _asm int 3).

Value   : NetbiosName
Type    : REG_EXPAND_SZ
Default : "AFS"
Variable: cm_NetbiosName

  Specifies the NetBIOS name to be used when binding to a Loopback
  adapter.  To provide the old behavior specify a value of 
  "%COMPUTERNAME%-AFS"

Value   : IsGateway
Type    : DWORD {1,0}
Default : 0
Variable: isGateway

  Select whether or not this AFS client should act as a gateway.  If
  set and the NetBIOS name hostname-AFS is bound to a physical NIC,
  other machines in the subnet can access AFS via SMB connections to
  hostname-AFS.

  When IsGateway is non-zero, the LAN adapter detection code will
  avoid binding to a loopback adapter.  This will ensure that the
  NetBIOS name will be of the form hostname-AFS instead of the value
  set by the "NetbiosName" registry value.

Value   : ReportSessionStartups
Type    : DWORD {1,0}
Default : 0
Variable: reportSessionStartups

  If enabled, all SMB sessions created are recorded in the Application
  event log.  This also enables other events such as drive mappings
  or various error types to be logged.

Value   : TraceBufferSize
Type    : DWORD
Default : 5000 (CM_CONFIGDEFAULT_TRACEBUFSIZE)
Variable: traceBufSize

  Number of entries to keep in trace log.

Value   : SysName
Type    : REG_SZ
Default : "i386_nt40"
Variable: cm_sysName

  Provides an initial value for "fs sysname".  The string can contain
  one or more replacement values for @sys in order of preference separated 
  by whitespace.

Value   : SecurityLevel
Type    : DWORD {1,0}
Default : 0
Variable: cryptall

  Enables encryption on RX calls.

Value   : UseDNS
Type    : DWORD {1,0}
Default : 1
Variable: cm_dnsEnabled

  Enables resolving volservers using AFSDB DNS queries. (see
  afsdb-freelance-notes).

  As of 1.3.60, this value is ignored as the DNS query support
  utilizes the Win32 DNSQuery API which is available on Win2000
  and above.

Value   : FreelanceClient
Type    : DWORD {1,0}
Default : 0
Variable: cm_freelanceEnabled

  Enables freelance client. (see afsdb-freelance-notes)

Value   : HideDotFiles
Type    : DWORD {1,0}
Default : 1
Variable: smb_hideDotFiles

  Enables marking dotfiles with the hidden attribute.  Dot files are
  files whose name starts with a period (excluding "." and "..").

Value   : MaxMpxRequests
Type    : DWORD
Default : 50
Variable: smb_maxMpxRequests

  Maximum number of multiplexed SMB requests that can be made.

Value   : MaxVCPerServer
Type    : DWORD
Default : 100
Variable: smb_maxVCPerServer

  Maximum number of SMB virtual circuits.

Value   : Cell
Type    : REG_SZ
Default : <none>
Variable: rootCellName

  Name of root cell (the cell from which root.afs should be mounted in
  \\afs\all).

Value   : RxNoJumbo
Type    : DWORD {0,1}
Default : 0
Variable: rx_nojumbo

  If enabled, does not send or indicate that we are able to send or
  receive RX jumbograms.

Value   : RxMaxMTU
Type    : DWORD
Default : -1
Variable: rx_mtu

  If set to anything other than -1, uses that value as the maximum MTU
  supported by the RX interface.

  In order to enable OpenAFS to operate across the Cisco IPSec VPN
  client, this value must be set to 1264 or smaller.

Value   : ConnDeadTimeout
Type    : DWORD
Default : 60 (seconds)
Variable: ConnDeadtimeout

  The Connection Dead Time is enforced to be at a minimum 15 seconds 
  longer than the minimum SMB timeout as specified by 

  HKLM\SYSTEM\CurrentControlSet\Services\lanmanworkstation\parameters
    SessTimeout

  If the minimum SMB timeout is not specified the value is 45 seconds.
  See http://support.microsoft.com:80/support/kb/articles/Q102/0/67.asp


Value   : HardDeadTimeout
Type    : DWORD
Default : 120 (seconds)
Variable: HardDeadtimeout

  The Hard Dead Time is enforced to be at least double the ConnDeadTimeout.
  The provides an opportunity for at least one retry.


Value  : TraceOption
Type   : DWORD {0, 1, 2, 3}
Default : 0

  Enables logging of debug output to the Windows Event Log.
  Bit 0 enables logging of "Logon Events" processed by the Network Provider
  and Winlogon Event Notification Handler.  
  Bit 1 enables logging of events captured by the AFS Client Service.

Value   : AllSubmount
Type    : DWORD {0, 1}
Default : 1
Variable: allSubmount (smb.c)

  By setting this value to 0, the "\\NetbiosName\all" mount point 
  will not be created.  This allows the read-write versions of 
  root.afs to be hidden.

Value   : NoFindLanaByName
Type    : DWORD {0, 1}
Default : 0

  Disables the attempt to identity the network adapter to use by 
  looking for an adapter with a display name of "AFS".

Value   : MaxCPUs
Type    : DWORD {1..32} or {1..64} depending on the architecture
Default : <no default>

  If this value is specified, afsd_service.exe will restrict itself
  to executing on the specified number of CPUs if there are a greater
  number installed in the machine.  

  NOTE: Setting this entry to "1" may be required on hyperthreaded 
  systems to avoid crashes in the RX library.

Value   : smbAuthType
Type    : DWORD {0..2} 
Default : 2

  If this value is specified, it defines the type of SMB authentication    
  which must be present in order for the Windows SMB client to connect
  to the AFS Client Service's SMB server.  The values are:
    0 = No authentication required
    1 = NTLM authentication required
    2 = Extended (GSS SPNEGO) authentication required
  The default is Extended authentication

Value   : MaxLogSize
Type    : DWORD {0 .. MAXDWORD}
Default : 100K

  This entry determines the maximum size of the %WINDIR%\TEMP\afsd_init.log 
  file.  If the file is larger than this value when afsd_service.exe starts
  the file will be reset to 0 bytes.  If this value is 0, it means the file
  should be allowed to grow indefinitely.

Value   : FlushOnHibernate
Type    : DWORD {0,1}
Default : 1

  If set, flushes all volumes before the machine goes on hibernate or
  stand-by.

Regkey:
[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters\GlobalAutoMapper]

Value   : <Drive Letter:> for example "G:"
Type    : SZ

    Specifies the submount name to be mapped by afsd_service.exe at startup
    to the provided drive letter.


Regkey:
[HKLM\SOFTWARE\OpenAFS\Client]

Value   : CellServDBDir
Type    : REG_SZ
Default : <not defined>

  Specifies the directory containing the CellServDB file.
  When this value is not specified, the AFS Client install
  directory is used.


Value   : VerifyServiceSignature
Type    : REG_DWORD
Default : 0x1

  This value can be used to disable the runtime verification of 
  the digital signatures applied to afsd_service.exe and the 
  OpenAFS DLLs it loads.  This test is performed to verify that 
  the DLLs which are loaded by afsd_service.exe are from the 
  same distribution as afsd_service.exe.  This is to prevent
  random errors caused when DLLs from one distribution of AFS
  are loaded by another one.  This is not a security test.  The
  reason for disabling this test is to free up additional memory
  which can be used for a large cache size.


Value   : IoctlDebug
Type    : REG_DWORD
Default : 0x0

  This value can be used to debug the cause of pioctl() failures.
  Set a non-zero value and the pioctl() library will output status
  information to stdout.  Executing command line tools such as
  tokens.exe, fs.exe, etc can then be used to determine why the
  pioctl() call is failing. 


Value   : MiniDumpType
Type    : REG_DWORD
Default : 0x0 (MiniDumpNormal)

  This value is used to specify the type of minidump generated by
  afsd_service.exe either when the process crashes or when a user
  initiated is dump file is generated with the "fs.exe minidump"
  command.

  Valid values are dependent on the version of DbgHelp.dll installed
  on the machine.  See the Microsoft Developer Library for further
  information.

  MiniDumpNormal = 0x00000000,
  MiniDumpWithDataSegs = 0x00000001,
  MiniDumpWithFullMemory = 0x00000002,
  MiniDumpWithHandleData = 0x00000004,
  MiniDumpFilterMemory = 0x00000008,
  MiniDumpScanMemory = 0x00000010,
  MiniDumpWithUnloadedModules = 0x00000020,
  MiniDumpWithIndirectlyReferencedMemory = 0x00000040,
  MiniDumpFilterModulePaths = 0x00000080,
  MiniDumpWithProcessThreadData = 0x00000100,
  MiniDumpWithPrivateReadWriteMemory = 0x00000200,
  MiniDumpWithoutOptionalData = 0x00000400,
  MiniDumpWithFullMemoryInfo = 0x00000800,
  MiniDumpWithThreadInfo = 0x00001000,
  MiniDumpWithCodeSegs = 0x00002000


Value   : StoreAnsiFilenames
Type    : REG_DWORD
Default : 0x0

  This value can be used to force the AFS Client Service to
  store filenames using the Windows system's ANSI character set
  instead of the OEM Code Page character set which has traditionally
  been used by SMB file systems.  

  Note: The use of ANSI characters will render access to files
  with 8-bit OEM file names unaccessible from Windows.  This option
  is of use primarily when you wish to allow file names produced
  on Windows to be accessible from Latin-1 Unix systems and vice
  versa.


Regkey:
[HKLM\SOFTWARE\OpenAFS\Client\CSCPolicy]

Value   : "smb/cifs share name"
Type    : REG_SZ
Default : <none>

    This key is used to map SMB/CIFS shares to Client Side Caching 
    (off-line access) policies. For each share one of the following
    policies may be used: "manual", "programs", "documents", "disable"

    These values used to be stored in afsdsbmt.ini

Regkey:
[HKLM\SOFTWARE\OpenAFS\Client\Freelance]

Value   : "numeric value"
Type    : REG_SZ
Default : <none>

    This key is used to store dot terminated mount point strings 
    for use in constructing the fake root.afs volume when Freelance
    (dynamic roots) mode is activated.

        "athena.mit.edu#athena.mit.edu:root.cell."
        ".athena.mit.edu%athena.mit.edu:root.cell."

    These values used to be stored in afs_freelance.ini


Regkey:
[HKLM\SOFTWARE\OpenAFS\Client\Freelance\Symlinks]

Value   : "numeric value"
Type    : REG_SZ
Default : <none>

    This key is used to store a dot terminated symlink strings 
    for use in constructing the fake root.afs volume when Freelance
    (dynamic roots) mode is activated.

        "linkname:destination-path."
        "athena:athena.mit.edu."
        "home:athena.mit.edu\user\j\a\jaltman."
        "filename:path\file."


Regkey:
[HKLM\SOFTWARE\OpenAFS\Client\Submounts]

Value   : "submount name"
Type    : REG_EXPAND_SZ
Default : <none>

    This key is used to store mappings of unix style AFS paths
    to submount names which can be referenced as UNC paths.
    For example the submount string "/athena.mit.edu/user/j/a/jaltman"
    can be associated with the submount name "jaltman.home".
    This can then be referenced as the UNC path \\AFS\jaltman.home.

    These values used to be stored in afsdsbmt.ini

    NOTE: Submounts should no longer be used with OpenAFS.
    Use the Windows Explorer to create drive mappings to AFS UNC
    paths instead of using the AFS Submount mechanism.


Regkey:
[HKLM\SOFTWARE\OpenAFS\Client\Server Preferences\VLDB]

Value   : "hostname or ip address"
Type    : REG_DWORD
Default : <none>

    This key is used to specify a default set of VLDB server preferences.
    For each entry the value name will be either the IP address of a server
    or a fully qualified domain name.  The value will be the ranking.  The
    ranking will be adjusted by a random value between 0 and 256 prior to
    the preference being set.


Regkey:
[HKLM\SOFTWARE\OpenAFS\Client\Server Preferences\File]

Value   : "hostname or ip address"
Type    : REG_DWORD
Default : <none>

    This key is used to specify a default set of File server preferences.
    For each entry the value name will be either the IP address of a server
    or a fully qualified domain name.  The value will be the ranking.  The
    ranking will be adjusted by a random value between 0 and 256 prior to
    the preference being set.



2. Network provider parameters
------------------------------
Affects the network provider (afslogon.dll).

Regkey:
[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters]

Value   : FailLoginsSilently
Type    : DWORD
Default : 0

  Do not display message boxes if the login fails.

Regkey:
[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider]

Value   : NoWarnings
Type    : DWORD
Default : 0

  Disables visible warnings during logon.

Value   : AuthentProviderPath
Type    : REG_SZ
NSIS    : %WINDIR%\SYSTEM32\afslogon.dll

  Specifies the install location of the authentication provider dll.

Value   : Class
Type    : DWORD
NSIS    : 0x02

  Specifies the class of network provider

Value   : DependOnGroup
Type    : REG_MULTI_SZ
NSIS    : PNP_TDI

  Specifies the service groups upon which the AFS Client Service 
  depends.  Windows should not attempt to start the AFS Client Service
  until all of the services within these groups have successfully 
  started.

Value   : DependOnService
Type    : REG_MULTI_SZ
NSIS    : Tcpip NETBIOS RpcSs

  Specifies a list of services upon which the AFS Client Service 
  depends.  Windows should not attempt to start the AFS Client Service
  until all of the specified services have successfully started.
  
Value   : Name
Type    : REG_SZ
NSIS    : "OpenAFSDaemon"

  Specifies the display name of the AFS Client Service

Value   : ProviderPath
Type    : REG_SZ
NSIS    : %WINDIR%\SYSTEM32\afslogon.dll

  Specifies the DLL to use for the network provider


2.1 Domain specific configuration keys for the Network Provider
---------------------------------------------------------------

The network provider can be configured to have different behavior
depending on the domain that the user logs into.  These settings are
only relevant when using integrated login.  A domain refers to an
Active Directory (AD) domain, a trusted Kerberos (non-AD) realm or the
local machine (i.e. local account logins).  The domain name that is
used for selecting the domain would be the domain that is passed into
the NPLogonNotify function of the network provider.

Domain specific registry keys are :

[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider]
  (NP key)

[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain]
  (Domains key)

[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain\"domain name"]
  (Specific domain key. One per domain.)

[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain\LOCALHOST]
  (Localhost key)

eg:
 HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider
  |
  +- Domain
     +-AD1.EXAMPLE.COM
     +-AD2.EXAMPLE.NET
     +-LOCALHOST

Each of the domain specific keys can have the set of values described
in 2.1.1.  The effective values are chosen as described in 2.1.2.

2.1.1  Domain specific configuration values
-------------------------------------------
[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider]
[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain]
[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain\"domain name"]
[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider\Domain\LOCALHOST]

  Value   : LogonOptions
  Type    : DWORD
  Default : 0x01
  NSIS/WiX: depends on user configuration

  0x00 - Integrated Logon is not used
  0x01 - Integrated Logon is used
  0x02 - High Security Mode is used
  0x03 - Integrated Logon with High Security Mode is used

  High Security Mode generates random SMB names for the creation of
  Drive Mappings.  This mode should not be used without Integrated Logon.

  As of 1.3.65 the SMB server supports SMB authentication.  The High
  Security Mode should not be used when using SMB authentication
  (SMBAuthType setting is non zero).

  Value   : FailLoginsSilently
  Type    : DWORD (1|0)
  Default : 0
  NSIS/WiX: (not set)

     If true, does not display any visible warnings in the event of an
     error during the integrated login process.

  Value   : LogonScript
  Type    : REG_SZ or REG_EXPAND_SZ
  Default : (null)
  NSIS/WiX: (only value under NP key) <install path>\afscreds.exe -:%s -x -a -m -n -q

     A logon script that will be scheduled to be run after the profile
     load is complete.  If using the REG_EXPAND_SZ type, you can use
     any system environment variable as "%varname%" which would be
     expanded at the time the network provider is run.  Optionally
     using a "%s" in the value would result in it being expanded into
     the AFS SMB username for the session.

  Value   : LoginRetryInterval
  Type    : DWORD
  Default : 30
  NSIS/WiX: (not set)

     If the OpenAFS client service has not started yet, the network
     provider will wait for a maximum of "LoginRetryInterval" seconds
     while retrying every "LoginSleepInterval" seconds to check if the
     service is up.

  Value   : LoginSleepInterval
  Type    : DWORD
  Default : 5
  NSIS/WiX: (not set)

     See description of LoginRetryInterval.

  Value   : TheseCells
  Type    : REG_MULTI_SZ
  NSIS    : <not set>

    When Kerberos 5 is being used, TheseCells provides a list of additional
    cells for which tokens should be obtained with the default Kerberos 5 
    principal.


2.1.2  Selection of effective values for domain specific configuration
----------------------------------------------------------------------

  During login to domain X, where X is the domain passed into
  NPLogonNotify as lpAuthentInfo->LogonDomainName or the string
  'LOCALHOST' if lpAuthentInfo->LogonDomainName equals the name of the
  computer, the following keys will be looked up.

    1. NP key. ("HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\NetworkProvider")
    2. Domains key. (NP key\"Domain")
    3. Specific domain key. (Domains key\X)

  If the specific domain key does not exist, then the domains key will
  be ignored.  All the configuration information in this case will
  come from the NP key.

  If the specific domain key exists, then for each of the values
  metioned in (2), they will be looked up in the specific domain key,
  domains key and the NP key successively until the value is found.
  The first instance of the value found this way will be the effective
  for the login session.  If no such instance can be found, the
  default will be used.  To re-iterate, a value in a more specific key
  supercedes a value in a less specific key.  The exceptions to this
  rule are stated below.

2.1.3  Exceptions to 2.1.2
--------------------------

  To retain backwards compatibility, the following exceptions are made
  to 2.1.2.

2.1.3.1 'FailLoginsSilently'

  Historically, the 'FailLoginsSilently' value was in
  HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters
  key and not in the NP key.  Therefore, for backwards compatibility,
  the value in the Parameters key will supercede all instances of this
  value in other keys.  In the absence of this value in the Parameters
  key, normal scope rules apply.

2.1.3.2 'LogonScript'

  If a 'LogonScript' is not specified in the specific domain key nor
  in the domains key, the value in the NP key will only be checked if
  the effective 'LogonOptions' specify a high security integrated
  login.  If a logon script is specified in the specific domain key or
  the domains key, it will be used regardless of the high security
  setting.  Please be aware of this when setting this value.


3. AFS Credentials System Tray Tool parameters
----------------------------------------------
Affects the behavior of afscreds.exe

Regkey:
[HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters]

Value   : Gateway
Type    : REG_SZ
Default : ""
Function: GetGatewayName()

  If the AFS client is utilizing a gateway to obtain AFS access, 
  the name of the gateway is specified by this value.

Value   : Cell
Type    : REG_SZ
Default : <none>
Variable: IsServiceConfigured()

  The value Cell is used to determine if the AFS Client Service has
  been properly configured or not.


Regkey:
[HKLM\SOFTWARE\OpenAFS\Client]
[HKCU\SOFTWARE\OpenAFS\Client]

Value   : ShowTrayIcon
Type    : DWORD {0, 1}
Default : 1
Function: InitApp(), Main_OnCheckTerminate()

  This value is used to determine whether or not a shortcut should be
  maintained in the user's Start Menu->Programs->Startup folder. 

  This value used to be stored at 
  [HKLM\Software\TransarcCorporation\AFS Client\AfsCreds].

  The current user value is checked first; if it does not exist the local 
  machine value is checked.


Value   : EnableKFW
Type    : DWORD {0, 1}
Default : 1
Function: KFW_is_available()

  When MIT Kerberos for Windows can be loaded, Kerberos 5 will be used
  to obtain AFS credentials.  By setting this value to 0, the internal
  Kerberos 4 implementation will be used instead.  The current user value 
  is checked first; if it does not exist the local machine value is checked.

Value   : Use524
Type    : DWORD {0, 1}
Default : 0
Function: KFW_use_krb524()

  When MIT Kerberos for Windows can be loaded, Kerberos 5 will be used
  to obtain AFS credentials.  By setting this value to 1, the Kerberos 5
  tickets will be converted to Kerberos 4 tokens via a call to the krb524
  daemon.  The current user value is checked first; if it does not exist 
  the local machine value is checked.

Value   : AfscredsShortcutParams
Type    : REG_SZ
Default : "-A -M -N -Q"
Function: Shortcut_FixStartup

  This value specifies the command line options which should be set
  as part of the shortcut to afscreds.exe.  afscreds.exe rewrites the 
  shortcut each time it exits so as to ensure that the shortcut points
  to the latest version of the program.  This value is used to determine
  which values should be used for command line parameters.  The current
  user value is checked first; if it does not exist the local machine
  value is checked.

  The following subset of the command line options are appropriate for
  use in this registry setting:

    -A = autoinit 
    -M = renew drive maps 
    -N = ip address change detection 
    -Q = quiet mode.  do not display start service dialog
         if afsd_service is not already running
    -S = show tokens dialog on startup
    -Z = unmap drives


Regkey:
[HKCU\SOFTWARE\OpenAFS\Client]

Value   : Authentication Cell
Type    : REG_SZ
Default : <none>
Function: Afscreds.exe GetDefaultCell()

  This value allows the user to configure a different cell name to
  be used as the default cell when acquiring tokens in afscreds.exe


Regkey:
[HKCU\SOFTWARE\OpenAFS\Client\Reminders]

Value   : "afs cell name"
Type    : DWORD {0, 1}
Default : <none>
Function: LoadRemind(), SaveRemind()

  These values are used to save and restore the state of the reminder
  flag for each cell for which the user has obtained tokens.

  This value used to be stored at 
  [HKLM\Software\TransarcCorporation\AFS Client\AfsCreds].


Regkey:
[HKCU\SOFTWARE\OpenAFS\Client\Active Maps]

Value   : "upper case drive letter"
Type    : DWORD {0, 1}
Default : <none>

  These values are used to store the persistence state of the AFS 
  drive mappings as listed in the [...\Client\Mappings] key

  These values used to be stored in the afsdsbmt.ini file

Regkey:
[HKCU\SOFTWARE\OpenAFS\Client\Mappings]

Value   : "upper case drive letter"
Type    : REG_SZ
Default : <none>

  These values are used to store the AFS path in Unix notation
  to which the drive letter is to be mapped.

  These values used to be stored in the afsdsbmt.ini file.


ENVIRONMENT VARIABLES:

Variable: AFS_RPC_ENCRYPT 
Values:   "OFF" disables the use of RPC encryption
          any other value allows RPC encryption to be used
Default:  RPC encryption is on


Variable: AFS_RPC_PROTSEQ
Values:   "ncalrpc"  - local RPC 
          "ncacn_np" - named pipes
          "ncacn_ip_tcp" - tcp/ip
Default:  local RPC