shakdk
asked on
Access-Base Enumeration (ABE) in a cluster
Has anybody gotten ABE to work in a cluster? Everything works fine while the group is on one of it's prefered server. When I move the group to another server, I can go to the properties of the share, click on the tab named "access-based enumeration", but the check mark to "enable Access-based enumerations on this shared folder" becomes unchecked, so ABE isn't working which becomes a problem. Anyone know how to make the setting stick on a failover?
Thanks in advance,
Dave
Thanks in advance,
Dave
Netman66
ABE must be installed on all servers to make it available.
ASKER
ABE is installed on all servers so the tab is there, I just need to check it everytime the group moves.
What volumes are you attempting to set this on? I suspect the shared storage.
Have you seen this?
http://support.microsoft.com/kb/907458/en-us
ACLs must be the same on the link as the folders themselves.
I need to experiment a bit. Does this group move on failover?
http://support.microsoft.com/kb/907458/en-us
ACLs must be the same on the link as the folders themselves.
I need to experiment a bit. Does this group move on failover?
ASKER
Not sure if I'm building the correctly so any advice is welcome. I am building a cluster of three servers to act as our file server. to balance load, I created a group called USER that has the user folders and have that on Server2. I created another group for shared folders called SHARED and have that on Server3. Folders from both groups are able to fail over and move between all three servers without any problem. Then I loaded ABE. I changed the rights on test folders that I created and everytihing worked fine. I then moved USER from Server2 to Server3. All resources came up fine. (Physical Disk, File Share, IP address, and Network Name) but I could see all the folders from my test workstation. I looked at the ABE tab on the properties and the checkbox for enable ABE was not checked. Checked it again, clicked ok, and test workstation then shows correct folders. Moved back to Server3 and same problem occurs. Are there scripts that can be run after a failover? Maybe I can use the ABE scripting to re-enable it.
Oh...to answer your question if I didn't already, yes, its shared storage on an HP SAN.
Oh...to answer your question if I didn't already, yes, its shared storage on an HP SAN.
ASKER
Thanks or the link. I was looking for something like that but my search phrases didn't quite match. I'm in the process of setting up DFS using instructions from article ID 301588. I guess after I've got tht going I'll try to implement your article. Thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Well, after reading the link you provided, I was still confused. Did more searching on the web and found a microsoft technet article about it. Followed the instructions and everything works. http://blogs.technet.com/windowsserver/archive/2005/07/06/407385.aspx
Here's what is says to do:
1. Install ABE tool from the download location and install it on each of the nodes in the cluster.
2. From the cluster administrator, for each share in the cluster, create a resource of type “application”. In the command to execute for this resource
(under parameters), the following command should be entered “cmd /k abecmd /enable <sharename>”. Additionally, if you don’t want that cmd.exe
will appear on the desktop, ensure that the option “Allow interaction with the desktop” isn’t checked.
3. Make this resource depend on the share resource. (Make sure that both the application resource and the share resource are part of the same group)
4. Take the group offline and back online to ensure that the shares that need to be ABE enabled are actually so.
From this point on, you are good and whenever the share fails over to another node, then ABE setting follows.
Couple of items to note. Create the "generic application" resource in the same group as the file share. When the script refers to <sharename>, use the one that you can see in Computer Management, System tools, shared folders, shares.
Other than that, it works like a charm.
Here's what is says to do:
1. Install ABE tool from the download location and install it on each of the nodes in the cluster.
2. From the cluster administrator, for each share in the cluster, create a resource of type “application”. In the command to execute for this resource
(under parameters), the following command should be entered “cmd /k abecmd /enable <sharename>”. Additionally, if you don’t want that cmd.exe
will appear on the desktop, ensure that the option “Allow interaction with the desktop” isn’t checked.
3. Make this resource depend on the share resource. (Make sure that both the application resource and the share resource are part of the same group)
4. Take the group offline and back online to ensure that the shares that need to be ABE enabled are actually so.
From this point on, you are good and whenever the share fails over to another node, then ABE setting follows.
Couple of items to note. Create the "generic application" resource in the same group as the file share. When the script refers to <sharename>, use the one that you can see in Computer Management, System tools, shared folders, shares.
Other than that, it works like a charm.
Good job and great info!
Thanks.
Thanks.