|
|
|
|
|
|
|
  |
||||||
|
|
|||||
|
       |
|||||
|
||||||
|
 |
|||||
|
WolfCall: Reference |
|||||
The intent of the WolfCall project is to provide access to the NCSU AFS network to Students, Faculty, and Staff. Since AFS access is used differently on a number of different computing environments at NC State, it just so happens that one size does not fit all. This reference is just to allow a little bit of flexibilty in how one might setup an environment.
Command-Line Parameters
Registry Keys
Tasks
Error Codes
Deployment Notes
/q for quiet mode
/initreg - Initialize registry settings (to hklm)
/initafs - Load correct settings into AFS Client configuration
/inithes - Put resolv.conf into %windir% for hesiod library
/inital - Set up Auto-Login (during installation)
/tfsl_login - Get TGT's out of the ticket file service and finish the login
/task:[script] - Run task [script] from registry
/u:[username] - Preload [username] into login dialog box
HKLM\SOFTWARE\NC State University\WKAuthLib
| Value | Data Type | Default | Notes |
| homeletter | SZ | k |
Drive letter assigned to the user's home directory. |
| lifetime | DWORD | 0x15 | Max value is 21 hours |
| nat | DWORD | 0 | Turns on/off using addressless tickets. |
| Renewable | DWORD | 1 | Turns on/off getting renewable tickets. |
| rootletter | SZ | j | Drive letter assigned to the afs root. |
| crypt | DWORD | 0 | Turns on/off encryption in the AFS Client. |
| debug | DWORD | 0 | Turns on/off debug logging. |
| DebugFile | SZ | %TEMP%\ wkauthlib.debug.log | Location of debug log. Value is not created by default. Unfortunately the default data for this value currently exists only in the code. Note that the user running WolfCall needs write access to the DebugFile. |
HKLM\SOFTWARE\NC State University\WolfCall
| Value | Data Type | Default | Notes |
| Advanced | DWORD | 0 |
Turns on/off defaulting to the Advanced view. |
| FinishAutoAuth | DWORD | 1 | Turns on/off the second half of the authentication process when using the Auto-login service. |
| ShowResults | DWORD | 0 | Turns on/off showing results after authentication. |
HKLM\SOFTWARE\NC State University\WCUserInfo
This key is used for WolfCall's user information plug-in system. Information on how it works can be found in wcuserinfo_identifiers.h in the WolfCall source.
| Value | Data Type | Default |
| 1 | SZ | wcuserinfo.dll |
| 2 | SZ | wcuserinfo.dll |
| 3 | SZ | wcuserinfo.dll |
| 4 | SZ | wcuserinfo.dll |
HKLM\SYSTEM\CurrentControlSet\Services\krb_tfnp
Required value and key to setup the Auto-Login service as a Network Provider.
| Value | Data Type | Default |
| Group | SZ | NetworkProvider |
HKLM\SYSTEM\CurrentControlSet\Services\krb_tfnp\NetworkProvider
Required values and key to setup the Auto-Login service as a Network Provider.
| Value | Data Type | Default |
| AuthentProviderPath | SZ | C:\Program Files\NCState\ WolfCall\krb_tfnp.dll |
| Class | DWORD | 2 |
| Name |
SZ | krb_tfnp |
| ProviderPath |
SZ | C:\Program Files\NCState\ WolfCall\krb_tfnp.dll |
HKLM\SYSTEM\CurrentControlSet\Services\krb_tfnp\Parameters
There have been some issues with Windows running the FinishingScript on machines with multiple Network Providers (specifically a Novell Client). See the Auto-login White Paper for more details.
| Value | Data Type | Default | Notes |
| DoFinish | DWORD | 1 |
Determines whether or not Windows will run the FinishingScript. |
| FinishingScript | SZ | "C:\Program Files\NCState\ WolfCall\ wolfcall.exe" /tfsl_login | Network Provider "script" that gets run in the user space (meaning as the user) after authentication. |
| NoUserContinue | DWORD | 1 | Determines how Wolfcall Auto-Login service will react to error
code 11 (User not found in kerberos database). |
HKLM\SYSTEM\CurrentControlSet\Services\krb_tf_svc\Parameters
| Value | Data Type | Default | Notes |
| Debug | DWORD | 0 |
Turns on/off debug logging for the Ticket-File Service. |
| Logfile | SZ | %SystemRoot%\tfservice.txt |
Location of the Logfile for the Auto-Login service. Since the service is running as SYSTEM, the user does not need write access to the LogFile. |
HKLM\SYSTEM\CurrentControlSet\Services\krb_renew_svc\Parameters
| Value | Data Type | Default | Notes |
| CCacheName | SZ | krbcc32s.exe | |
| Debug |
DWORD | 0 | Turns on/off debug logging for the Ticket Renewal Service. |
| LifetimeReg | SZ | SOFTWARE\NC State University\WKAuthLib\ Lifetime | |
| Logfile |
SZ | %SystemRoot%\ renewservice.txt | Location of the Logfile for the Renewal service. Since the service is running as SYSTEM, the user does not need write access to the LogFile. |
| RenewExe |
SZ | "C:\Program Files\NCState\ WolfCall\wolfcall.exe" | Location of the WolfCall (or other) executable. |
| RenewOpts |
SZ | /q /task:Renew |
Command line parameters passed to RenewExe executable. |
Tasks are initiated by running wolfcall.exe /task:<task>, where <task> is a REG_MULTI_SZ located under:
HKLM\SOFTWARE\NC State University\WKAuthLib\tasks
Valid Task data entries are the following: {ms2mit, tfslget, kinit5 _ _, kinit4 _ _, kinit524, renew, aklog <cell>, unlog, map _home _, map _root, unmap <letter>}
Tasks defined in the Wolfcall installer:
GetTGTs kinit5 _ _
kinit524Login
unlog
kinit5 _ _
kinit524
aklog eos.ncsu.edu
aklog unity.ncsu.edu
aklog bp.ncsu.edu
map _home _
map _rootMapHome map _home _ ms2mit_login unlog
ms2mit
kinit524
aklog eos.ncsu.edu
aklog unity.ncsu.edu
aklog bp.ncsu.edu
map _home _
map _rootRenew renew tfsl_login unlog
tfslget
aklog eos.ncsu.edu
aklog unity.ncsu.edu
aklog bp.ncsu.edu
map _home _
map _rootTokens aklog eos.ncsu.edu
aklog unity.ncsu.edu
aklog bp.ncsu.eduUnTokens unlog
unmap k
Located under:
HKLM\SOFTWARE\NC State University\WKAuthLib\errors
| 4 | Incorrect Password. Visit http://www.ncsu.edu/password to reset or resynchronize your passwords. |
| 5 | Service Not Running |
| 6 | Attempted to map to an in-use drive letter; unmap not requested |
| 7 | Drive mapping already in place |
| 8 | Attempted to map to an in-use drive letter, unmapping failed because connection is in use. |
| 9 | Service already running |
| 10 | Service hung on start-up |
| 11 | Username not found in Kerberos database |
| 12 | Error parsing login automation script |
| 13 | User-resquested abort during script execution |
| 14 | User-requested emergency abort during script execution |
| 15 | Un-map requested on unused drive letter |
| 16 | Service not installed |
| 17 | WKAuthLib has already been initialized |
| 18 | Couldn't initialize hesiod libraries: error starting Winsock 1 |
| 19 | Couldn't read or initialize settings in the system registry |
| 20 | Couldn't load a required Dll |
| 21 | DLL version too old |
| 22 | Error initializing Windows Sockets 2 |
| 23 | Timeout while tracerouting for NAT server address |
| 24 | Bad ICMP response while detecting NAT server address |
| 25 | Bad network address; try enabling addressless tickets in advanced options |
| 26 | Not enough memory |
| 27 | Bad function parameters |
| 28 | Unable to find previously cached tickets to complete auto-login |
| 29 | Could not load required Dll. Is Kerberos for Windows installed? |
| 30 | Incorrect Password during Auto-Login. The passwords are not synchronized, or the case is incorrect (check caps lock). |
| 31 | User information function failed |
Use of %TEMP% for logging in conjunction with Auto-Login can be confusion if the %TEMP% environmental variable is different between the SYSTEM account and the user account. User accounts typically have %TEMP% set to %USERPROFILE%\Local Settings\Temp, whereas the SYSTEM is set to %WINDIR%\Temp
The command-line parameters to repair WolfCall/AFS settings use the Microsoft Installer Engine and does not have an embedded set of registry keys/files.
Technical Documents
WolfCall Reference
![< to Top]](../Media/graphics/footer_links/top_arrow.gif){kind=icon}
![[ ENGR Template ]](../Interface/images/banner.gif){kind=small}