-This file is a rough list of known issues with the 1.3.63 release of OpenAFS
-on Windows. This list is not complete. There are probably other issues
-which can be found in the RT database or on the mailing list.
+This file is a rough list of known issues with the 1.5.0000 release of OpenAFS
+on Windows. This list is not complete. There are probably other issues which
+can be found in the RT database or on the mailing list.
(1) File/Directory access is not integrated with windows security
-(2) tokens are assigned to the service on a system global basis. Therefore,
-all users and processes on the machine are able to access files with the
-list of available tokens. This is dangerous if anonymous logins are enabled;
-or if multiple users are on the machine (ie, Terminal Server or XP user
-switching)
-
(3) SMB LANA list is static.
(3a) IP address changes cause the service to terminate due to an assertion
in smb_Listener() thread.
-(3b) New IP addresses do not get bound
+(3b) New IP addresses do not get bound to the SMB server
(3c) Loopback adapter hack:
(i) prevents use of AFS Gateway
(iii) the list of hack adapters is incomplete (VMWare, MS TV/Video, ...)
(iv) incompatible with Windows 2000 and earlier
-(4) Performance of the AFS Client Service code simply sucks. The average
-read, write, and delete times for AFS are more than ten times slower than
-the equivalent Windows File Share operations. The Window File Share operations
-are not all that fast. It has been claimed that the Windows AFS functions are
-one hundred times slower than the equivalent operations on Linux. I would not
-be at all surprised. The best we can do without rewriting AFS as a IFS would
-be to match the Windows File Share performance. I believe the threading model
-is imposing significant delays in the movement of data from between the SMB
-and RX protocol operations. There was also an issue with large numbers of
-page faults which have since been fixed.
-
-(5) The AFS SMB code logs numerous 1002 events each day. This is caused
-when an invalid SMB message are being processed from within the client.
-It is unclear if the invalid SMB message has been received or is being sent.
-
-(6) The AFS client service causes MRxSMB to produce 3019 events. This is probably
-the result of either malformed messages or invalid LANA values being used.
-
-(7) There appear to be directory locking problems associated with renaming
-directories.
+(9) Convert to IFS!!!!!!
-(8) File termination differences between Win9x and nt/w2k/xp (Jim Peterson)
-
-(9) How to silence "Explorer" when the mapped drive is not available?
-
-(10) Convert to IFS!!!!!!
-
-(11) Kerberos 5 integration:
-(11f) allow arbitrary cell to realm mappings
-(11g) modify UI to allow user to choose whether to authenticate
+(10) Kerberos 5 integration:
+(10f) allow arbitrary cell to realm mappings
+(10g) modify UI to allow user to choose whether to authenticate
using Kerberos or AFS
-(11h) modify UI to allow user to select an existing principal to
+(10h) modify UI to allow user to select an existing principal to
be used to request AFS tokens
-(11i) modify UI to display Kerberos 5 ticket info (principal,
+(10i) modify UI to display Kerberos 5 ticket info (principal,
ticket lifetimes, etc)
-(12) Default cell is system global just like everything else. Different
+(11) Default cell is system global just like everything else. Different
users logging in via Integrated Logon or using afscreds.exe cannot
be automatically prompted for different cells
-(13) AFS Integrated Logon:
-(13a) Obtain tokens via Kerberos 5
-(13b) If using Kerberos, need to figure out a means of passing credentials
+(12) AFS Integrated Logon:
+(12b) If using Kerberos, need to figure out a means of passing credentials
into the user space until such time as I finish the new credential
cache service.
-(13c) If network is not available must store the username and password
+(12c) If network is not available must store the username and password
somewhere until such time as the network starts.
-(14) Loopback adapter is not always installed with bindings to "File and
- Printer Sharing for Microsoft Networks" or "Client for Microsoft
- Networks". If these are not bound then SMB names will successfully
- be published to a list of zero which causes the AFS not to function.
- We need a way to test whether the Loopback adapter is properly bound
- so we know if it is safe to use. Actually, it is worse. Even with
- the bindings on Win2000 the loopback adapter frequently fails to publish
- SMB names. Of course, the error messages report nothing.
-
-(15) If a drive mapping is "in use", then afscreds cannot be used to Modify
+(13) If a drive mapping is "in use", then afscreds cannot be used to Modify
or Delete the Mapping. If a map to "H:" to \afs\cell\foo" with
description "home" is modified to point to \afs\cell\bar, then the
description must be unique. "home" cannot be reused. We need a way
to remove "home" from the submount list.
-(16) WinAFS configuration values are still stored in old style INI files
- instead of using the Registry. This is especially important for
- per-user values such as drive mappings
+ [Actually, an end user should not be able to modify the submount list]
-(17) Drive mappings are lost on WinXP after return from Standby. (This could
- be because the AFS Client Service fails OR because the RX protocol is
- temporarily unable to access the Cell due to network restore timing
- issues.)
+(14) No support for Unicode CIFS/SMB data structures. OEM Code Pages prevent
+ the use of interoperable file names; force the use of paths no longer
+ than 256 characters; force share names to be no longer than 13
+ characters; restrict authentication to ASCII only names and passwords;
+ etc.
-(18) No support for Unicode filenames. Translations make file unreadable
+(15) No auto-restart on service failure
-(19) No auto-restart on service failure
+(16) Better EventLog handling
-(20) Better EventLog handling
+(17) Named Pipes Support [requires modifications to AFS servers to support]
-(21) Named Pipes Support
+(18) Memory Mapped File support
-(22) Memory Mapped File support
+(19) Large file support [both SMB/CIFS and AFS]
-(23) Large file support
-
-(24) Execution of debug builds indicates corruption of run time library
- allocated memory blocks due to buffer overruns. This may be the
- result of improper object locking or out of bounds access.
-
-(25) AFS Shell Extensions do not work on UNC paths of the form \\AFS\...
- They only work on mapped drives.
-
-(26) Implement persistent disk based cache which survives restarts
-
-(27) NSIS Installer issues
+(20) NSIS Installer issues
(a) integration with KFW install script
(b) Optional removal of AFS Server volumes
-(28) The User Interface needs to be re-designed to separate the per-user
+(21) The User Interface needs to be re-designed to separate the per-user
and per-machine settings. All of the new registry items need to
be added to the UI
-(29) Windows XP SP2 and Windows 2003 SP1 are going to lockdown the
- machine. We need to add code to programatically open the
- Internet Connection Firewall to the ports needed by the various
- AFS services.
-
-(30) It has been discovered that there is a lack of proper thread locking
- when "crypt" mode is used on Windows. This can be reproduced by
- performing multiple read operations simultaneous. The symptoms will
- be a memory followed by an eventual crash resulting from a stack
- overwrite. First step is to enable the use of RX_ENABLE_LOCKS when
- building on Windows.
-
-(31) There are remaining issues with the Freelance support. There appears
- to be an initialization issue related to whether the Freelance fake
- root.afs is constructed before or after the first access to a cell
- name via \\afs\cellname\. Accessing \\afs\cellname via cmd.exe
- appears to trigger the problem on a regular basis whereas 4nt.exe
- does not.
-
-
+(22) CIFS Remote Administration Protocol implementation is incomplete.
+ Notifications are not made to requestors when the view of a file
+ or folder changes due to token acquisition; token expiration; or
+ token destruction
+
+(23) Remove submount creation as a side effect of AFS drive mapping.
+
+ The AFS Submount is effectively a server side alias for a path
+ located in the AFS space. This alias is exported by the AFS
+ SMB/CIFS Server to the Windows SMB/CIFS client as a Share name.
+ This makes the AFS Submount a system global setting which should
+ only be modified by a member of the "AFS Client Admin" group.
+
+ afs_creds.exe and afs_config.exe should be modified to no longer
+ use submount names when creating drive maps. Drive maps should
+ simply use the full AFS path name. Submounts should not be
+ created as a side effect of a drive mapping.
+
+ The creation of submounts should only be possible via afsshare.exe
+ or by the new AFS Client Service Administration tool when executed
+ by an authorized user.
+
+(24) No support for byte range locking (or locking at all)
+
+-------------------------------------------------------------------------
+List of unfunded projects:
+
+ 1. No longer use AFS Client Service "cell" as the default cell for individual users
+ 2. Prevent panic situation when the root.afs volume is not reachable and
+ the AFS Client Server is not using Freelance mode
+ 3. Prevent panic situation when the IP address to which the SMB server is bound is removed
+ from the local machine's network configuration
+ 4. Add support for Named Pipes within the afs filesystem
+ (This is not currently a supported feature of AFS; it will require
+ changes to the servers as well as the clients.)
+ 5. Replace afscreds.exe with netidmgr.exe to support:
+ 1. choosing between Kerberos 5 and Kerberos 4 on a per principal basis
+ 2. providing users with the ability to map multiple cells to a single principal
+ 3. providing change password functionality on a per principal basis
+ 4. no longer include drive mapping
+ 5. configuration of afscreds startup options in shortcut
+ 6. Re-write afs_config.exe to be only "per user" functionality which does not require admin
+ privileges
+ 1. default cell and principal for the user
+ 2. drive mappings but no submounts
+ 3. visibility of afs creds and setting of afs creds startup options
+ 7. Create new afs_admin.exe tool to be installed in the administrator folder (or use MMS)
+ which contains
+ 1. afs client service cell name
+ 2. integrated logon configuration
+ 3. Gateway configuration
+ 4. start/stop service
+ 5. global drive mapping
+ 6. submount management
+ 7. file/volume server preferences
+ 8. afs cells
+ 9. cache configuration
+ 10. diagnostics
+ 11. network configuration
+ 12. miscellaneous
+ 13. need to add support for all of the new registry values since 1.2.8
+ 10. Add support for configurable Icon file representing AFS folders within the Explorer Shell
+ 11. Documentation Documentation Documentation
+ 12. Large File support (> 2GB) in SMB/CIFS client
+ 13. Integrate KFW installation into the NSIS and MSI installers
+ 14. Add support for byte range locking to AFS (requires changes to the servers)
+ 15. Unicode enable the SMB/CIFS server. OEM Code Pages:
+ 1. prevent the use of interoperable file names
+ 2. force the use of paths no longer than 256 characters
+ 3. force share names to be no longer than 13 characters
+ 4. restrict authentication to ASCII only names and passwords
+ 16. Complete implementation of CIFS Remote Administration Protocol
+ 17. Add support for SMB/CIFS Digital Signatures
+ 18. Missing SMB/CIFS functions:
+ Find
+ FindUnique
+ FindClose
+ ReadBulk
+ WriteBulk
+ WriteBulkData
+ Tran2::SessionSetup
+ 19. StoreBehind mode is not implemented. Or more correctly, all data is
+ written directly to the server and is not cached. Writes invalidate
+ the local cache entries which are then read back from the server.
+ 20. Develop an optional Installable File System replacement for the SMB/CIFS
+ Server.
+ 21. Add support for storing Extended Attributes on files
+ 22. Add support for storing Windows ACLs on files
+ 23. Remove submount creation as a side effect of drive creation
+ 24. Finish conversion from string.h to strsafe.h for VS.NET 2005
+ 25. Implement RX Statistics gathering interfaces and reporting tools
+ (necessary to obtain profiling data)
+ 26. Implement RX Connection Pools in the Cache Manager allowing more than
+ four simultaneous requests to a single server to be processed at a time
+ for a single user
+
\ No newline at end of file