EDV:OpenAFS/Windows: Difference between revisions
No edit summary |
|||
Line 97: | Line 97: | ||
Network Identity Manager version 2.0 is its own distribution that upgrades the Network Identity Manager components installed by KFW (MIT-Kerberos). |
Network Identity Manager version 2.0 is its own distribution that upgrades the Network Identity Manager components installed by KFW (MIT-Kerberos). |
||
For further information and documentation see: [ |
For further information and documentation see: [https://www.secure-endpoints.com/netidmgr/v2/ Network Identity Manager Homepage] |
||
{{Achtung|{{IconAchtung}}This Download is only needed if you like like to use Heimdal-Kerberos}} |
{{Achtung|{{IconAchtung}}This Download is only needed if you like like to use Heimdal-Kerberos}} |
Revision as of 11:52, 22 April 2020
Generelle Installationsanweisungen und Anmerkungen:
Download: KIP-AFS_Windows-Installation Script (.bat-script in .zip-file)
This script will automatically download, install and configure all needed software for you.
IMPORTANT: During the installation process you will be asked for the AFS-Cell: kip.uni-heidelberg.de
On Windows > 7 you need to run this script with Administrator privileges: right click on the file and select "Run as administrator"
On Windows 10 you have to enable the version 1 of the SMB protocol by opening "Turn Windows features on or off" and selecting "SMB 1.0/CIFS File Sharing Support". (Bzw. "Unterstützung für die SMB 1.0/CIFS-Dateifreigabe" in der Box "Windows-Features", die über "Programme und Features" in der Systemsteuerung aufgerufen werden kann.) If the feature is not available in the features list you have to open the "PowerShell" as Administrator. There you have to install it with "Get-WindowsOptionalFeature –Online –FeatureName SMB1Protocol" and activate it with "Enable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol" (Microsoft Docs).
Upgrade auf Version 1.7.XX:
Beim Upgrade von Version kleiner / gleich 1.6.xx - bitte den alten Client deinstallieren!
Ab Version 1.7.X arbeitet der AFS Client für Windows mit einem nativen Filesystem Treiber und nicht mehr wie bisher über die Funktion SMB/Loopbackadapter. Deshalb ist es notwendig bei einem Upgrade des Clients auf Version 1.7.XX, und zwar nach der Deinstallation des Clients, den Loopbackadapter zu entfernen. Dies funktioniert am Besten über:
Eigenschaften des Loopbackadapters > Karteikarte Treiber > Deinstallieren/Entfernen
Dieses Fenster findet man entweder im Gerätemanager, oder unter Eigenschaften von Netzwerk.
Installation des AFS Authentication Gui Tool, Installation ohne Kerberos/Heimdal:
Damit man auch ohne Kerberos oder Heimdal einen Token erzeugen kann, gibt es immer noch die Möglichkeit das AFS Authentication Tool zu installieren. Hierfür ist es notwendig die Installation manuell/custom durchzuführen, und die Auswahl der einzelnen Programmteile wie folgt zu treffen:
Client-Software
To access the AFS-Server you need to download and install the appropriate OpenAFS and Kerberos Software (sometimes tricky), or use this
KIP-AFS_Windows-Installation Script (.bat-script in .zip-file)
which automatically downloads, installs and configures all needed software for you.
NOTE: The AFS-Cell is: kip.uni-heidelberg.de
Use only for a fresh installation, or uninstall the old client-software completely first! Remove also the Loopback Adapter, if present in the Device Manager. On Windows7 you need to run this script with Administrator privileges: right click on the file and select "Run as administrator" |
HowTo: Uninstalling the Microsoft Windows Loopback Adapter
OpenAFS for Windows depends on a third party Kerberos 5 implementation for network authentication.
There are two supported options: MIT Kerberos for Windows and Heimdal Kerberos. For Windows7 64 Bit better use Heimdal Kerberos on all other Systems the MIT Kerberos works well.
OpenAFS
For the latest releases visit the Homepage OpenAFS for Windows
Download for 32-bit Windows
Downloads for 64-bit Windows
Both installers must be installed on 64-bit systems
>> Kerberos (MIT)
Kerberos for Windows already includes Network Identity Manager
For further information and latest releases see: MIT Kerberos for Windows (KFW)
Download for 32-bit Windows
Download for 64-bit Windows
>> Kerberos (Heimdal)
For further information and latest releases see: Heimdal Kerberos 5
Download for 32-bit Windows
Download for 64-bit Windows
For Heimdal Kerberos you also need to install the Network Identity Manager
>> Network Identity Manager
Network Identity Manager version 2.0 is its own distribution that upgrades the Network Identity Manager components installed by KFW (MIT-Kerberos).
For further information and documentation see: Network Identity Manager Homepage
This Download is only needed if you like like to use Heimdal-Kerberos |
Download for 32-bit Windows
Download for 64-bit Windows
Installation
Kerberos Setup
Example installation with MIT Kerberos for Windows
When you use the Installation-Script, you can leave the Option:
- "Use existing configuration files ..."
checked, even if no previous Kerberos-Software-Setup has taken place.
OpenAFS for Windows Setup
Related config files under: http://printer.kip.uni-heidelberg.de/afsconfig
Important step here! Do NOT omit ;)
Set the Dafault Cell to:
kip.uni-heidelberg.de
Client-Connection
After installing the AFS-Software you need to:
If the authentication was successful, you are able to access your data by
- Click: Start > Computer > Map network drive (in the tool-bar)
- In the "Map Network Drive window" choose an available drive letter from the drop-down list and type the name of the folder to map.
The folder can be any (accessible) path starting with \\afs
Examples:
( the shortcut \\afs\kip is also possible )
- for the top level view: \\afs\kip.uni-heidelberg.de
- for your Home directory: \\afs\kip.uni-heidelberg.de\user\<USERNAME>
Click the "Reconnect at logon" checkbox if this network drive should be mapped permanently.
You can map multiple folders to different drive letters, in order to organize a quick and convenient file access.
It is also possible to access the data temporary (on the fly) without dedicated drive-mapping by typing:
" \\afs\kip\<your_location> " in the explorer address bar.