[Samba] Domain DFS on samba 4
rs at sys4.de
Sun Oct 28 11:01:44 MDT 2012
Am 28.10.2012 17:46, schrieb Ludovic Rouse-Lamarre:
> Our company currently stores its data on centralized samba servers which
> causes performance problems for remote office employees. We are thinking
> of decentralizing the data with NAS in each office and synchronizing all
> the NAS on our central domain controller with MSDFS. I have heard this
> can be done in real time with Windows and Active Directory.
> The physical location of the data becomes transparent to the end user.
> The DFS path formed with the domain name remains \\DOMAINNAME\share123
> which points the client to the storage device which is physically
> closest to him (the local NAS), thus eliminating the latency problems
> and simplifying the paths to our servers.
> We are currently running a Samba domain and we tend toward open source
> solutions but this is something we need. From what I understand Samba 3
> cannot run domain DFS because it requires Active Directory. I would like
> to know if this will be possible with Samba 4?
there are many ways keeping data in sync i.e
rsync, div cluster file systems ( all open source ) etc, so you need to look
what exact fits best to you
dfs might not be ,the best solution for your setup
Configuring Samba for Dfs
To act as a Dfs server, Samba 2.2 must be compiled with the --with-msdfs
configure option. (See Chapter 2 for instructions on configuring and
compiling Samba.) Samba 3.0 includes Dfs support by default and does not
need to be compiled with the --with-msdfs configure option.
Once a Dfs-enabled Samba server is running, there are just two steps to
serving a Dfs share. First we will set up a Dfs root directory on the
server, and then we will modify the smb.conf configuration file to
enable the share.
Setting up the Dfs root
First we need to create a directory to act as the Dfs root:
# mkdir /usr/local/samba/dfs
This can be any directory, but it is important that it be owned by root
and given the proper permissions:
# chown root:root /usr/local/samba/dfs
# chmod 755 /usr/local/samba/dfs
The Dfs directory tree can have subdirectories and files, just like any
other shared directory. These will function just as they would in any
other share, allowing clients to access the directories and files on the
Samba server. The whole idea of Dfs, though, is to gather together
shares on other servers by making references to them in the Dfs tree.
The way this is implemented with Samba involves a clever use of symbolic
links, which can be in the Dfs root directory or any subdirectory in the
You are probably familiar with using symbolic links to create references
to files that exist on the same system, and perhaps crossing a local
filesystem boundary (which ordinary Unix links cannot do). But maybe you
didn't know that symbolic links have a more general functionality.
Although we can't display its contents directly, as we could with a text
or binary file, a symbolic link "contains" an ASCII text string naming
what the link points to. For example, take a look at the listing for
these symbolic links:
$ ls -l wrdlnk alnk
lrwxrwxrwx 1 jay jay 15 Mar 14 06:50 wrdlnk ->
lrwxrwxrwx 1 jay jay 9 Mar 14 06:53 alnk ->
As you can infer from the size of the wrdlnk link (15 bytes), the string
/usr/dict/words is encoded into it. The size of alnk (9 bytes) is
smaller, corresponding to the shorter name of dreamtime.
Now let's create a link in our Dfs root for an SMB share:
# cd /usr/local/samba/dfs
# ln -s 'msdfs:maya\e' maya-e
# ls -l maya-e
lrwxrwxrwx 1 root root 12 Mar 13 17:34 maya-e ->
This link might appear as a "broken" link in a directory listing because
it points to something that isn't a file on the local system. For
example, the file command will report:
$ file maya-e
maya-e: broken symbolic link to msdfs:maya\e
However, maya-e is a valid reference to the \\maya\e share when used
with Samba's Dfs support. When Samba encounters this file, it sees the
leading msdfs: and interprets the rest as the name of a remote share.
The client is then redirected to the remote share.
When creating links in the Dfs root directory, simply follow the same
format, which in general is msdfs:server\share. Note that this is
similar to a UNC appended onto the msdfs: string, except that in this
case, the two backslashes preceding the server's name are omitted.
The names for the symbolic links in Dfs shares must be in all lowercase.
In addition to regular network shares, you can use symbolic links of
this type to reference Dfs shares on other Dfs servers. However,
referencing printer shares does not work. Dfs is for sharing files only.
To set up a load-balancing Dfs share, create the symbolic link like this:
# ln -s 'msdfs:toltec\data,msdfs:mixtec\data' lb-data
That is, simply use a list of shares separated by commas as the
reference. Remember, it is up to you to make sure the shared folders
remain identical. Set up permissions on the servers to make the shares
read-only to users.
The last thing we need to do is to modify the smb.conf file to define
the Dfs root share and add Dfs support. The Dfs root is added as a share
path = /usr/local/samba/dfs
msdfs root = yes
You can use any name you like for the share. The path is set to the Dfs
root directory we just set up, and the parameter msdfs root = yes tells
Samba that this share is a Dfs root.
To enable support for Dfs in the server, we need to add one line to the
host msdfs = yes
Restart the Samba daemons—or just wait a minute for them to reread the
configuration file—and you will see the new share from Windows clients.
If you have trouble accessing any of the remote shares in the Dfs share,
recheck your symbolic links to make sure they were created correctly.
MfG Robert Schetterer
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Aufsichtsratsvorsitzender: Joerg Heidrich
More information about the samba