WolfCall News







			WolfCall News

This page contains news about the NCSU WolfCall project. For more information, see the WolfCall home page.

WolfCall is a Windows-based application that works with an AFS Client and the Kerberos for Windows software from MIT to let you easily access your AFS space from Windows 2000 and XP computers (more...)

WolfCall News

July 27, 2006:
WolfCall 1.2.1 released for testing. It is intended to be used with the updated KfW and OpenAFS clients at the download page. Likely this is the last release of WolfCall as the KfW Network Identification Manager has most of the same features as WolfCall.

Now checks for the AFS UNC path from the registry, and if it's not found reverts to \\machinename-afs\ (for older OpenAFS clients).

Now gives a better error when checking the Quota section in the Account Information tab while the home directory is not mapped.

Fixed the 'Destroy Tokens' button.

Fixed a bug with the 'Apply Drive Mappings' button. Previously, if the user did not have tokens, it would get tokens, but not apply the drive mappings.

June 11, 2004:
Added the WolfCall Reference. Also updated a couple items in the FAQ, and corrected some antiquated information in the Auto-Login White Paper.

May 28, 2004:
Updated the install instructions and made the Loopback adapter installer more easily accessable (it was kinda hard to find before). Also made a few corrections to the FAQ.

March 3, 2004:
WolfCall 1.2.0 includes minor tweaks, mostly invisible to the average user:

Login scripts now have an extra step called "Contacting the AFS Client" to reduce confusion when this fails or is slow (moving the blame away from "Destroying AFS Tokens").

A new registry option has been added to cause the auto-login to continue silently on "no such user" errors.

Kerberos configuration files use DNS SRV records to allow easy changes to the Kerberos server farm.

The auto-login system has been future-proofed against changes in the internal Kerberos credentials structure. Also, the auto-login does not pass a Kerberos 4 ticket, fetching it via krb524 instead.

The auto-login system has better error reporting.

Both services (renewal and auto-login) have improved logging (to help track down a very rare crash bug).

November 3, 2003:
WolfCall 1.1.2 includes two bug fixes and one minor improvement:

Services were logging to a file despite not being debug versions.

Service descriptions were mismatched.

When started without credentials, WolfCall has always prompted for username and password. Formerly, it would always exit on failure (to imitate KAUTH's behavior). Now, it will continue to prompt until authentication succeeds or the user presses cancel.

August 21, 2003:
WolfCall 1.1.1 includes two bug fixes:

Command-line tasks (such as /tfsl_login and /task:ms2mit) were broken in 1.1.0. Apparently the AFS ticket libraries use Winsock, but don't know to how to initialize it, so we must do it for them.

krb5.conf has been updated with the master_kdc field, which is accidentally required due to a (now corrected) bug in Kerberos for Windows 2.5.0.

August 12, 2003:
WolfCall 1.1.0 Relased!
Major Changes:

Built against Kerberos for Windows 2.5.0. Note that KfW will need to be upgraded along with WolfCall.

The renew button now renews in the full Kerberos sense - it gets new tickets using your old ones, with no password involved.

The new ticket renewal service transparently renews tickets so you can (optionally) stay logged in for up to a week (with current KDC settings).

The auto-login service was overhauled (to facilitate the above).

Hesiod logic was future-proofed. User info is now retrieved by a spartan plugin system, so that it will be easier to modify WolfCall to use a new directory service system.

WolfCall no longer "destroys" the ticket cache unless you press the "clear auth" button. Previously it needlessly did so whenever you authenticated. This should make certain sasl applications whine less (sidelong glance at Mulberry).

Krb524 is now mandatory. There is no checkbox to use plain Krb4 anymore. That checkbox was put there before we solved the Krb524 NAT troubles, and is no longer relevant (especially since MIT is finally moving towards official support for it on Windows).

The Krb4 TGT is now retrieved by Krb524 rather than plain Krb4 calls. This means that your password will no longer be used by the Krb4 wire protocol, which is less secure than Krb5's.

WolfCall and wkauthlib no longer attempt to set and repair their own registry settings themselves. The self-registration procedure was always a little flaky, and I grew tired of maintaining it. Registration is now done entirely with via the MSI engine, which should be more flexible for system administrators anyway.

There is now version reporting for the Krb4 and GSSAPI DLL's, since we've seen ancient versions of these get left behind by things.

May 28, 2003:
WolfCall 1.0.5 includes:

A fix for another progress bar window problem, introduced in 1.0.4.

Support for running WolfCall without the AFS Client. Potentially useful for those who use other kerberized services (IMAP, POP), but do not want to install the AFS Client.

Automatic correction of the system time if it is off by more than five minutes. If the user has the proper permissions, WolfCall prompts them with a yes-or-no dialog box.

Better resizing of columns in the credentials lists.

May 8, 2003:
WolfCall 1.0.4 includes:

A workaround for the "ktc_ForgetAllTokens" problem with OpenAFS 1.2.8a. Restarts the AFS service when necessary. For more information, click here and here.

ms2mit ticket conversion - provides an alternate auto-login procedure for people running Microsoft AD domains with cross-realm Kerberos authentication.

A fix for a bug that would occasionally cause the auto-login to hang if the login screen were wiggled vigorously.

Locking on the log file to prevent data loss in the log.

April 23, 2003:
WolfCall 1.0.3 fixes an intermittent problem with auto-login and adds AFS version reporting to the "Misc" tab.

April 11, 2003:
WolfCall 1.0.2 adds a warning about unsynchronized passwords and capitalization inconsistency during auto-login (see below).

April 8, 2003:
Discovered a non-bug in the WolfCall autologin procedure. It seems that Novell passwords are not case sensitive, so occasionally Novell may let you in, but WolfCall will give you an invalid password error. We will put an extra warning into the error message.

March 26, 2003:
WolfCall 1.0.1 released. Fixed a crash bug with the (generally rarely used) "Get TGT" button.

February 24, 2003:
WolfCall 1.0.0 released. New features over 0.5.3 include:

Corrected ticket lifetime (from 9 hours to 21).
Configurable ticket lifetime.
"None" option added to drive mappings to disable mapping of AFS drives.

February 5, 2003:
As promised, I've written up some documentation explaining the WolfCall Auto-Login feature.

February 4, 2003:
Additions to WolfCall 0.5.3:

Auto-login. (Note that this is not installed in the typical installation.) This option automatically gets Kerberos tickets after a successful Windows login using your Windows username and password. Go into the "custom" install procedure to get the auto-login service. Soon (i.e., tomorrow) I will write a short white paper on how to get this working in lab environments. As for now, it should work just fine on individual machines.
NAT support should now work with no caveats, as long as you upgrade to the new KfW distribution ("0.5.3") listed along with the WolfCall download.
Miscellaneous bug fixes and tweaks.

January 10, 2003:
WolfCall 0.3.2:

Fixes an obscure bug wherein the service start routine asks for more rights than it really needs. This only applies if you've modified your service DACLs so that users can start the AFS service.

Fixes a bug with the "Get Tokens" button (it didn't check the username and thus couldn't map the home directory).

January 10, 2003:
WolfCall 0.3.1 adds a command-line parameter to automatically fill in the User Name field in the login prompt:
wolfcall /u:"%username%" (no space between the colon and the User Name; quotes optional).

Also, a stupid bug that caused WolfCall to incorrectly compare the KfW version number was fixed.

December 11, 2002:
WolfCall 0.3.0 fixes a bug that would cause drives to not map on computers with long (>11-character) NetBIOS names.

December 5, 2002:
WolfCall 0.2.9 fixes a braindead bug which causes WolfCall to incorrectly use Kerberos 4 when the GUI isn't in "advanced mode".

December 3, 2002:
WolfCall 0.2.8 adds an option to use ordinary Kerberos 4 instead of 5-to-4 conversion (aka krb524). This is somewhat more likely to work behind Network Address Translation. If you're behind NAT, try checking the "Enable 5-to-4 NAT Support" box. If that fails, simply uncheck "Use 524".

December 3, 2002:
WolfCall 0.2.7 fixes installer issues introduced in with 0.2.4.

November 27, 2002:
WolfCall 0.2.5 has a GUI for the user-configurable drive letters. See the misc tab to change your drive mappings.

November 26, 2002:
WolfCall 0.2.4 has user-configurable drive letters. Will make a GUI for the feature soon (currently only registry-only).

November 22, 2002:
WolfCall 0.2.3 has support for Network Address Translation. Go to the advanced tab and check the "Enable NAT Support" button.

WolfCall Home

WolfCall News

Installation Instructions

Frequently Asked Questions

WolfCall Statement of Support

Troubleshooting Remote Access

Technical Documents

About Authentication

Auto-login White Paper

Interoperation with Firewalls

Locking down NetBIOS

Microsoft Loopback Adapter

WolfCall Reference




Information Technology and Engineering Computer Services (ITECS) College of Engineering, North Carolina State University, Raleigh, NC 27695 Comments to eoshelp@ncsu.edu. URL: http://www.eos.ncsu.edu/




		This support page is for students, faculty, and staff at North Carolina State University.