#16 Cannot connect to Domain DFS root shares

closed
nobody
None
5
2014-08-13
2007-06-22
eppNator
No

Windows 2003 R2
WebDisk 0.43
Tomcat 5.5

When I attempt to connect to a domain DFS root share, I get 'Unable to connect: smb://domain.name.com/sharename/ (The network name cannot be found.)'

I can connect to standalone dfs roots but I cannot follow a DFS link to a domain dfs root...I get the same error.

Any ideas?

Discussion

  • Nobody/Anonymous

    Logged In: NO

    Thanks for your quick response Thomas...

    Both the server running webdisk and the server hosting the Domain dfs root have smb signing disabled.

    I've tried both settings for the usentlm parameter.

    Any other ideas?

    Nathan.

     
  • Nobody/Anonymous

    Logged In: NO

    Hello,

    you can increase the jcifs-loglevel in web.xml to 10 and see what's happening in the tomcat console.

    bye
    Thomas

     
  • Nobody/Anonymous

    Logged In: NO

    with logging turned up to 10, I can see that it has resolved our domain name to the ip address of one of the domain controllers and when it enumerates the shares on that domain controller, the local shares on that DC are returned (ie. netlogon, sysvol) rather than the domain dfs shares... the same shares I would see from a windows desktop if I were to browse \\domain.name.com... however, my windows desktops can still connect to domain dfs roots even though they do not show up in that browse list?

    our DFS servers are running R2 but our DCs are w2k3 sp1... do you suppose this has something to do with DFS changes in R2? We're new to DFS... is this supposed to work from webdisk?

    Thanks,

    Nathan.

     
  • Nobody/Anonymous

    Logged In: NO

    Hello,

    you can try to add the netbios names of the servers to the hosts file on the webdisk server (under windows it is in \system32\drivers\etc\hosts).
    The dfs referrals are normally resolved with the netbios names, but netbios resolution is disabled in the webdisk for performance reasons.
    The netbios names can be found with "ipconfig /all" in the field "host name".

    bye
    Thomas

     
  • Thomas Bley

    Thomas Bley - 2007-06-30

    Logged In: YES
    user_id=922402
    Originator: NO

    Got no more feedback, closing.

     
  • Thomas Bley

    Thomas Bley - 2007-06-30
    • status: open --> closed
     
  • Nobody/Anonymous

    Logged In: NO

    Sorry, I was away for a few days.

    I've tried adding entries in the hosts file or lmhosts file. I've tried adding wins configuration into the jcifs.properties file.

    I did a little bit of googling on this and I think it may be a jcifs deficiency:
    http://osdir.com/ml/network.samba.java/2004-08/msg00111.html

    Thanks and let me know if you have any other ideas.

     
  • Nobody/Anonymous

    Logged In: NO

    Hello,

    can you ping the netbios name of the machine from the web server ?
    Can you ping domain.name.com from the web server ?

    bye
    Thomas

     
  • Nobody/Anonymous

    Logged In: NO

    First some clarification:

    I'm dealing with a domain based DFS root where the target share is on a domain member server running Windows 2003 R2.

    Webdisk cannot connect to \\domain\dfs_root or \\domain.com\dfs_root but it can connect to \\target.domain.com\dfs_root where target.domain.com is the name of the domain member server which is the target of the DFS root share.

    I can ping the domain member server
    I can ping the fully qualified domain name (provided I have a valid entry for it in the 'hosts' file)
    I cannot ping the netbios name for the domain

     
  • Nobody/Anonymous

    Logged In: NO

    Hello,

    I've set up a new "domain based" namespace. The one I've tested before was a stand-alone namespace because the windows server says the "domain based" namespace can only hold 5000 folders.
    The domain name is "w2k3testr2.local". The domain controller has the IP 192.168.0.202 and the name "testw2k3r2". This is what I've added to the hosts file on the webserver (a winxp machine):
    192.168.0.202 testw2k3r2
    192.168.0.202 w2k3testr2.local

    Using this, the domain based dfs works without any problems (local shares, dfs to local shares, dfs to remote shares, dfs to dfs shares, see screenshot).

    bye
    Thomas

     
  • Thomas Bley

    Thomas Bley - 2007-07-11

    Logged In: YES
    user_id=922402
    Originator: NO

    File Added: domain_based_dfs.png

     
  • Thomas Bley

    Thomas Bley - 2007-07-11
    • status: closed --> open
     
  • Nobody/Anonymous

    Logged In: NO

    Okay, I've finally figured out what you are suggesting and it sorta works but not quite... let me explain:

    - domain based dfs roots don't have to be hosted on a domain controller... mine isn't, so what I had to do was add the hosts entries to point to my member server that's hosting the domain based DFS root
    - the problem is... what if I have domain based dfs roots on more than one server? I can't have my hosts file resolve 'domain.com' to more than one ip address, can I?

    The real issue is that jcifs doesn't appear to be able to resolve and follow a domain based dfs referral the way a windows client can. I don't understand enough about domain based DFS to know how this is supposed to work.

    Thanks

     
  • Nobody/Anonymous

    Logged In: NO

    Hello,

    jCIFS definitively follows DFS referrals. Just make a packet dump and you'll see.
    If there is more than one target for a referral, jCIFS takes the first one.

    From the MS Docs:
    DFS Replication is a multimaster replication engine. Any change that occurs on one member is replicated to all other members of the replication group.

    That means every member of your DFS structure hosts the same strcuture. If your DFS structure changes, it gets changed on all servers.

    > the problem is... what if I have domain based dfs roots on more than one server? I can't have my hosts file resolve 'domain.com' to more than one ip address, can I?

    I recommend to define the server nearest to the webdisk in the "web.xml". If that server is replaced by a new one, just change the server name/IP in "web.xml" (manual closest site selection).

    bye
    Thomas

     
  • Nobody/Anonymous

    Logged In: NO

    Hi Thomas,

    I agree that jcifs can follow DFS referrals. However, it seems unable to follow referrals that point to domain dfs roots. By adding entries into the hosts file, we are cheating the client into finding the host where the dfs root share is hosted... jcifs still thinks the share is on 'domain.com' rather than on the target that the domain dfs root referral points to.

    Some of this would become clearer to you if you could try this:
    - add a win2k3 r2 member server to your domain
    - from that member server, add a domain based dfs root hosted on the member server
    - you will see that a windows client can map to \\domain\share without having to have any special hosts entries
    - you will also notice that the domain dfs root share points to a share that has been created on your member server
    - adding hosts file entries to "lie" that 'domain' is on the ip address of your member server will allow wedisk to access this dfs root but its the hosts entry doing the equivalent of the referral
    - if you were to add a second win2k3 r2 member server with a domain dfs root, you would not be able to get webdisk to connect to both domain dfs roots, as far as I can see

    Thanks Thomas

     
  • Nobody/Anonymous

    Logged In: NO

    Hello,

    domain based dfs is stored in AD, so when using \\domain-controller-ip\share1_member1 and \\domain-controller-ip\share2_member2 it should work. If not, you can add a DFS link to member1 which points to member2.

    bye
    Thomas

     
  • Nobody/Anonymous

    Logged In: NO

    Thomas,

    I'm going on vacation next week. Send me your direct email and when I get back, I will email you some screen shots to try to illustrate what I am saying... or try the steps I suggested and it may become more obvious.

    And thanks for your time on this... I still think webdisk is pretty cool although I couldn't get 0.44 to work.

    My direct email is nathan"dot"epp"at"usask"dot"ca (replace "dot" with . and replace "at" with @).

     
  • Nobody/Anonymous

    Logged In: NO

    Hello,

    sorry, I'm not going to set up three machines.
    If you can't get it working, you might try other products.
    My email is on the homepage.

    bye
    Thomas

     
  • Thomas Bley

    Thomas Bley - 2007-07-14
    • status: open --> pending
     
  • SourceForge Robot

    • status: pending --> closed
     
  • SourceForge Robot

    Logged In: YES
    user_id=1312539
    Originator: NO

    This Tracker item was closed automatically by the system. It was
    previously set to a Pending status, and the original submitter
    did not respond within 14 days (the time period specified by
    the administrator of this Tracker).

     
  • Nobody/Anonymous

    Logged In: NO

    Thomas, I see that they have now released a jcifs update 1.2.16 that supports domain dfs. I tried to drop in this jcifs jar file into my webdisk install to try it but I get an error. Could you release an update that incorporates the latest jcifs?

    By the way, I wasn't able to get 0.44 to work at all.

     
  • Thomas Bley

    Thomas Bley - 2007-08-24

    Logged In: YES
    user_id=922402
    Originator: NO

    Hello,

    the new jCIFS release only takes the DNS members of a specific name and merges their shares into one location. This causes big problems if a server has more than one network card. Also if one machine is down, you probably won't be able to access the other machines. So I won't update to the new release.

    bye
    Thomas

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks