Friday, April 23, 2010

Scripting the creation of shares on a Windows 2008 R2 Cluster using 'CAPs'

So you want to publish a share from a folder on a Windows cluster, and you want your clients to be able to connect to that share via more than one UNC. In my case I needed to do this when I was upgrading an old NAS appliance to a state-of-the-art Windows 2008 R2 Cluster. The NAS appliance contains around a million Microsoft Office documents and there is a strong chance that some of the documents are linked together via UNC paths (links from a cell in one spreadsheet to a cell in another spreadsheet for example). So I have a need to maintain the old UNC as well as introduce a new one that will integrate into a four node geographically dispersed cluster.


example:
//oldservername/mickfolder
//newservername/mickfolder

Both these UNCs should take me to the same physical folder.

In the olden days back in Windows 2003 land this was easy. You could, for example, solve this by creating a DNS CNAME record, because as long as you ended up at the same IP address you were golden. In Windows 2003 R2 Microsoft plugged this as a security issue since it invited various types of spoofing. The server service would examine the payload of the incoming SMB request and reject it if the server name in the UNC did not match the host name of the server (physical or virtual through a cluster). If you were happy to switch this feature off and carry the risk then you could do so via:

HKLM/System/CurrentControlSet/Services/Lanmanserver/Parameters/DisableStrictNameChecking
(New DWORD set to 1)
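
To find servers where that value has been set, the registry can be read remotely. This is an added example, not code from the original post; the function name Get-StrictNameCheckingState and the server names are hypothetical, and it assumes the Remote Registry service is reachable and the caller has rights to read the key.

```powershell
# Added example: report whether SMB strict name checking has been switched off.
function Get-StrictNameCheckingState {
    param(
        [Parameter(Mandatory = $true)]
        [string[]]$ComputerName
    )

    $subKey = 'SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

    foreach ($computer in $ComputerName) {
        $state = 'Unknown'
        $raw   = $null
        $base  = $null
        try {
            $base = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(
                [Microsoft.Win32.RegistryHive]::LocalMachine, $computer)
            $key = $base.OpenSubKey($subKey)
            if ($null -eq $key) {
                $state = 'KeyMissing'
            }
            else {
                # GetValue returns $null when the value was never created,
                # which is the default: strict name checking stays on.
                $raw = $key.GetValue('DisableStrictNameChecking', $null)
                if     ($null -eq $raw) { $state = 'Enforced (value absent)' }
                elseif ($raw -eq 1)     { $state = 'DISABLED' }
                elseif ($raw -eq 0)     { $state = 'Enforced' }
                else                    { $state = 'Unexpected value' }
                $key.Close()
            }
        }
        catch {
            # Unreachable host, access denied, Remote Registry stopped, etc.
            $state = "Error: $($_.Exception.Message)"
        }
        finally {
            if ($null -ne $base) { $base.Close() }
        }

        New-Object PSObject -Property @{
            ComputerName = $computer
            Value        = $raw
            State        = $state
        }
    }
}

# 'fs-node1' and 'fs-node2' are hypothetical server names.
Get-StrictNameCheckingState -ComputerName 'fs-node1', 'fs-node2' |
    Where-Object { $_.State -ne 'Enforced' -and $_.State -notlike 'Enforced (*' }
```

The final filter lists every server that is not confirmed as enforcing the check, so unreachable hosts show up alongside those with the value set to 1.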

Now, in Windows 2008 R2 this is totally locked out. See this article on scoping:

http://blogs.technet.com/askcore/archive/2009/01/09/file-share-scoping-in-windows-server-2008-failover-clusters.aspx

This introduces the concept of client access points (CAPs) which, simply put, allow you to present any number of virtual server names within a cluster fileshare resource and even choose which shares are associated with which CAP and thus which UNC. The process works perfectly through the GUI interface of the cluster administration tool, but here comes the rub: if you want to script that, you are going to have a fun time.

Scripting the creation of a share on a cluster
For years you could achieve this by employing two main methods. Let's take the first one, because I'm going to dismiss it fairly quickly: 'Net Share'. This is a very mature command line application that allows you to create a share using a CMD prompt. With some simple but nifty batch file processing you could share all the sub-folders of a folder, as long as you want the share name to be similar to the folder name. Take a folder called "HOME" with user folders named MICK, PAUL and MARY underneath it; for good measure, let's say we want them to become hidden shares, i.e. MICK$, PAUL$ and MARY$. This could easily be done with the following command:

for /d %%d in (*.*) do Net Share %%d$=r:\home1\%%d /GRANT:EVERYONE,FULL

Easy! However, if you want to publish via multiple virtual server names you are stuck because there is no way to specify the server name in the syntax of the NET SHARE command. So we have to dismiss that technique. Along comes WMI and we can publish a share and include the server name within the syntax. Here is a VB example to consider:

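' Share type 0 = disk drive (file share)
Const FILE_SHARE = 0
Const MAXIMUM_CONNECTIONS = 25
' Name of the server that will host the share
strComputer = "servername"
Set objWMIService = GetObject ("winmgmts:\\" & strComputer & "\root\cimv2")
Set objNewShare = objWMIService.Get("Win32_Share")
' Arguments: path, share name, type, maximum connections, description.
' Create returns 0 on success and a non-zero error code otherwise.
errReturn = objNewShare.Create("r:\home\mick", "mick$", FILE_SHARE, MAXIMUM_CONNECTIONS, "Mick's Home Drive")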

The important thing here is that the Win32_Share allows us to specify a server name. Sweet! Except this does not work with the new CAPs technology. Instead we must use the newer Win32_ClusterShare for which there is absolutely no documentation yet. I'm in touch with Microsoft, I'll keep you posted...

Cheers! Mick.
