Feedback on KfW 4.0.1 Ticket Manager app

Dave Botsch botsch at cnf.cornell.edu
Wed Jul 2 13:03:17 EDT 2014 

Hi.

After with some discussion with folk in the #openafs irc channel, I
wanted to send you some feedback on KfW 4.0.1 and the Ticket Manager
app.

Our environment is Windows 7 attached to a domain. With profiles/etc
living on the OpenAFS filesystem (currently at Openafs for Windows
1.7.29).

Things of note...

it would actually be useful if the installer were to migrate an old
krb5.ini file from the 3.2.2 KfW location to the new location instead of
just renaming and leaving one with a blank file in the new location.
Since the format of the file hasn't changed, as far as I know, this
saves a step for end users installing the new KfW over the old one.

I like the autocomplete function. Expanding on this would be
autocompleting a realm in the krb5.ini file as the realm is being typed,
instead of just previously used principals.

In Ticket Mgr, Single clicking the little arrow next to a principal to
show the tickets did not reliably work. Double clicking does reliably
work. Fixing this bug would be a good thing.

The Ticket Manager window lacks a maximize button, which would be really
useful if one is trying to view multiple fields.

Also, if the window is not large enough, and one scrolls the window to
the right to look at extra fields, as soon as the window refreshes, the
scroll bar is placed back to the left, again.  Meaning one *must* resize
the window to be able to see fields, assuming one can resize the window
large enough. Really really annoying and should be fixed :)

Also, being able to auto obtain afs tokens as a side effect of getting
kerberos tickets would be really useful. Users have a hard time
distinguishing Kerberos Tickets from AFS Tokens, and so users need one
app that does both at the click of a single button.

KfW 4.0.1 seems to have somehow broken Windows AFS Integrated Login,
which works fine under KfW 3.2.2. The error reported by OpenAFS is
Kerberos 5 error # 196 which translates to KRB5_FCC_INTERNAL: Internal
credentials cache error. 

Thanks!

-- 
********************************
David William Botsch
Programmer/Analyst
@CNFComputing
botsch at cnf.cornell.edu
********************************

More information about the Kerberos mailing list