[linux-cifs-client] Domain based DFS namespace works?

Suresh Jayaraman sjayaraman at suse.de
Wed Feb 11 08:54:42 GMT 2009 

Igor Mammedov wrote:
> Suresh Jayaraman wrote:
>> Jeff Layton wrote:
>>> On Mon, 09 Feb 2009 18:29:33 +0530
>>> Suresh Jayaraman <sjayaraman at suse.de> wrote:

Let me try to summarize the discussions so far to understand clearly
about the missing pieces:

* With the current code, it is not possible to mount domain based
namespaces (DFS root) using AD domain name (using netbios name may not
also be feasible? I haven't tried, though). This is due to mount.cifs
being unable to recognize, resolve AD domain name to an address.

* In case the AD domain name resolved to an address of backup domain
controller, the cifs client should ask for referral.

* If AD domain name is resolved to multiple IP's then there could be a
configuration issue.

Missing pieces and proposed approach (from Igor)

* To resolve AD domain name => add SRV record support to mount.cifs
* To make cifs client ask for referral => tree walk approach
http://lists.samba.org/archive/linux-cifs-client/2009-February/004033.html
* Support for mounting directly DFS referrals is not there. I think I
have not seen a proposed approach for this, yet.

Also, If we want Domain based DFS namespace, is there a manual invention
or specific configuration required on Windows Server side to ensure
replication (by either FRS or DFS Replication) is being done on the
domain controllers other than the one which hosts the share? or it's
being taken care on the server side when you create domain based
namespace itself?

>>>> It's not clear to me whether complete domain based DFS namespace support
>>>> is available or not with linux cifs implementation. For e.g.

>>> I doubt that will work unless ad.domain happens to resolve to an
>>> address somehow. The mount.cifs program doesn't have support for
>>> recognizing an AD domain in the host portion of the UNC.
>> I think this is not happening now. The client should contact AD server
>> to know about the DFS root (since in domain based DFS namespace, the AD
>> is aware of the DFS namespaces). Yeah, obviously the mount.cifs should
>> recognize that it's a AD domain first.
> 
> I our AD setup AD domain name resolves to a bunch of IP addresses of domain
> controllers. So I guess it is a matter of a proper configuration of AD domain
> and DNS.
> Here is description of DNS usage by AD:
> http://technet.microsoft.com/en-us/library/cc759550.aspx
> 
> Adding deps to mount.cifs on ldap libs may not be a good idea, instead of 
> we can try to add SRV records support in mount.cifs. This way mount.cifs
> could ask for a domain controller by sending a query for SRV record
> _ldap._tcp.AdDnsDomainName.
> 

Thanks,

-- 
Suresh Jayaraman

More information about the linux-cifs-client mailing list