OpenAFS for Windows

OpenAFS is the world's foremost location independent file system. With OpenAFS for Windows, users of Microsoft Windows 2000, XP, 2003, XP64, Vista (all editions), Server 2008 (all editions), Windows 7 (all editions), Server 2008 R2 (all editions), Windows 8.x (amd64, x86), and Server 2012 (all editions) can make the most of this proven data sharing solution. The OpenAFS Project provides binary installation packages appropriate for both individual users and organizations with thousands of members.

Contents:

Urgent News

How to Decide Which Version to Install

OpenAFS.org maintains two active release series for the Microsoft Windows platform, 1.6.x and 1.7.x.  If life were simple, the 1.6 release series would be the most recent production quality revision and the 1.7.x would be the next generation release series that includes potentially experimental features that have not received broad testing.  Unfortunately when it comes to OpenAFS on the Microsoft Windows platform life is not simple.

Access to the \\AFS name space is acheived via the use of an SMB to AFS gateway in the 1.6 series.  This approach was developed when there were no documented methods of adding networked file system to Microsoft Windows.  It worked quite well in Windows XP and Server 2003 but is highly unstable on Windows 7 and Server 2008 R2.  Especially on systems that suspend and resume or migrate between networks.

The 1.7 series is a completely new approach.  Instead of relying on the Microsoft SMB client to interface with the Windows kernel, OpenAFS 1.7.x is a native Windows file system that is compatible with all versions of Microsoft Windows from XP SP3 to Windows 7 SP1 and Server 2008 R2 SP1.  As a native file system, 1.7 provides better performance, does not rely on a private loopback interface to publish the SMB gateway service name, and most importantly, permits the OpenAFS developers to fully control the file system source code.  No longer will OpenAFS be held hostage to the whims of Microsoft when bugs in the SMB client negatively impact access to the \\AFS name space.

The choice is yours to make but the recommendation of OpenAFS is to deploy the 1.7 series client and submit bug reports if application incompatibilities are uncovered.  The OpenAFS developers have a long track record of promptly fixing reported issues.

Digital Signatures

Installers are produced and signed by Secure Endpoints Inc. or Your File System Inc.. If the signature is missing do not complete the installation process and send e-mail to openafs-security@openafs.org

OpenAFS for Windows 1.7.30 (1.7.3000)

(updated 25 March 2014)

Significant Changes since 1.7.29:

Features:

Documentation:

Supported Platforms:

Windows 2000 is not a supported platform for the 1.7 series. Use OpenAFS for Windows 1.6.1 (1.6.0104).

Known Issues:

Downloads for 64-bit Windows operating systems: 2012/Win8/2008-R2/Win7/2008/Vista/2003-R2/2003/XP:

Both installers must be installed on 64-bit systems.

Download for 32-bit Windows operating systems: Win8/Win7/2008/Vista/2003-R2/2003/XP:

OpenAFS for Windows 1.6.1 (1.6.0104)

(updated 28 March 2012)

 

Significant Changes since 1.6.0b:

Features:

Documentation:

Supported Platforms:

* Installers for Itanium systems are unavailable. Organizations interested in support for Itanium should consider donating a development/test system to OpenAFS.

Known Issues:

Downloads for 32-bit Windows operating systems: Win7/2008/Vista/2003-R2/2003/XP/2000:

Downloads for 64-bit Windows operating systems: 2008-R2/Win7/2008/Vista/2003-R2/2003/XP:

Support for 32-bit Windows Applications on 64-bit Windows operating systems

This installer is required for any 32-bit applications that require use of AFS libraries.  This includes 32-bit versions of MIT Kerberos for Windows.

Note: In 64-bit versions of Microsoft Windows there are 64-bit and 32-bit versions of the command prompt and the Explorer Shell.  It is very important that when installing applications that the installers be started from a 64-bit process.  It is strongly recommended that the Add/Remove Programs Control Panel be used to initiate installations on 64-bit Microsoft Windows operating systems.

Kerberos (MIT or Heimdal)

OpenAFS for Windows depends on a third party Kerberos 5 implementation for network authentication.  There are two supported options:

The recommended version of Kerberos v5 for OpenAFS for Windows 1.6.1 is MIT version 3.2.2. 64-bit releases of KFW are available from Secure Endpoints Inc.  MIT Kerberos has stability issues on Windows 7 and Server 2008 R2.

The recommended version of Kerberos v5 for OpenAFS for Windows 1.7.30 is Heimdal.  Please add allow_weak_crypto = true to the [libdefaults] section of krb5.conf in %SystemDrive%\ProgramData\Kerberos.

MIT 3.2.2 ships with Network Identity Manager version 1.3.1. Network Identity Manager version 2.0 works with both Heimdal and MIT Kerberos.

Microsoft Hotfixes

Just as OpenAFS releases fixes on a continuous basis, so does Microsoft for their Windows products. If they are security related or deemed to be critical to the entire user base these hot fixes are pushed out via Microsoft's Windows Update service. However, if the fix is considered to be relevant only to a small user community, the hot fix is made available via a posting to Microsoft KnowledgeBase. When a new service pack is issued all of the outstanding hot fixes are rolled up and regression tested together.

OpenAFS for Windows 1.6 releases are highly dependent on the correct operation of Microsoft's SMB redirector network file system driver and the Netbios communication stack. Over the years there have been a large number of bugs found and fixed within these two subsystems. At the present time there a hot fixes that have been issued by Microsoft which have yet to be bundled into a service pack for XP 32-bit, XP 64-bit and Server 2003.  Hot Fixes that are considered critical for OpenAFS users are marked as such below.

Microsoft Windows Server 2003 and XP64

The current service pack level is 2.

Microsoft Windows XP

The current service pack level is 3.