Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

DFS Root not visible when \\domain_name.ds is entered in explorer

Posted on 2009-05-19
15
Medium Priority
?
2,751 Views
Last Modified: 2012-05-07
I'm somewhat at my wits end here and I'm sure it's probably something stupid that I'm missing or perhaps this is an expected behavior.

This is a new DFS implementation. It's a Win2K3 R2 domain-based DFS. DFS server is Win2K8  (running in win2000 mode) named DFS01. My domain name is qa1.ds.

I created several DFS Roots "APPLICATIONS", "STAGING", "USER_DATA", etc.

When I type \\QA1.DS\Applications, \\QA1.DS\STAGING, \\QA1.DS\USER_DATA - I can see the contents of the folder. However, if I go up one level to \\QA1.DS - it shows me shared objects on my domain controller - e.g. SYSVOL, NETLOGON, Printers and Faxes and Scheduled Tasks - none of the roots show up.

How do I stop traffic from going to my DC and instead just show my DFS roots? So, when I type \\QA1.DS - I want to see this:
\\QA1.DS
            |__APPLICATIONS
            |__STAGING
            |__USER_DATA

Is it even possible?
0
Comment
Question by:CynepMeH
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
  • 4
15 Comments
 
LVL 23

Expert Comment

by:debuggerau
ID: 24428170
Have you published the share in AD?

Goto computer management, shares and check each share under the publish tab.
0
 
LVL 11

Author Comment

by:CynepMeH
ID: 24428398
2008 server does not seem to offer that tab. I tried publishing it directly via ADUC and still no luck - when I hit \\brqa1.ds I'm still seeing my DC's shared resources.

I think it could be DNS related... no?
0
 
LVL 23

Expert Comment

by:debuggerau
ID: 24428713
yes, what ever DC your connecting too should show up when looking at the domain share, however DFS is different.

It will create a replication of a share that you specify.

If that share is replicated across all DC's, it should be accessible that way, however, if it is not, providing a root domain share would only let people down when it was unavailable.

So, no, I don't think it is 'displayed' as a domain wide share.

0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 6

Expert Comment

by:tatw
ID: 24429053
For DFS implementation, I will create dfs root like this

\\QA1.DS\root\
                      |__APPLICATIONS
                      |__STAGING
                      |__USER_DATA

So the dfs root is \\yourdomain\root
0
 
LVL 23

Expert Comment

by:debuggerau
ID: 24429071
either way will work, but having it publish at the root wont expose them on all DC's unless it is replicated everywhere..

0
 
LVL 11

Author Comment

by:CynepMeH
ID: 24432960
@debuggerau - I'm not quite clear on your comments, can you please provide little more detail? What do you mean by "replicated everywhere"? When you have AD-integrated DFS, AFAIK it _is_ replicated as part of usual replication. As a matter of fact you can even use DFS as a replacement for FRS to replicate AD data.

Perhaps this will help to simplify the question:

Is there a way to see JUST DFS roots (not DC shares) when I type \\domain_name  (FQDN or NetBIOS) or must I always type \\domain_name\dfs_root_name?
0
 
LVL 6

Expert Comment

by:tatw
ID: 24433518
You must always type \\domain_name\dfs_root_name.
For \\domain_name\, you will always get sysvol, printers and others.
0
 
LVL 11

Author Comment

by:CynepMeH
ID: 24435600
@tatw: thanks for your reply - do you have any links/references I can throw to my overlords to tell them it's not possible?
0
 
LVL 23

Expert Comment

by:debuggerau
ID: 24437653
been looking yesterday, but nothing came into view, its only suggested how it will work..

Let me check briefly..
brb
0
 
LVL 23

Expert Comment

by:debuggerau
ID: 24437728
I've got to backtrack on domain wide share..

a DFS share that is AD published, should be accessible anywhere, but your right in that it is not displayed unless you are on the DC with the share.

(P.S.) only DC shares are domain wide.

So, I was saying that if you create a share on all DC's and replicate them from within DFS, they should appear to all clients, no matter what DC they connect to..

So, you must have several DC's, and the share is not one that your authenticating against.
So if you start DFS on your authenticating DC and replicate that share onto your DC, it should appear as available to your client when you search:
 \\QA1.DS\

Hope that helps..
0
 
LVL 6

Expert Comment

by:tatw
ID: 24438246
Hi CynepMeH:

From http://support.microsoft.com/kb/315457
" Domain controllers will not service authentication request during the procedure. Only when the SYSVOL and NETLOGON folders are shared again will the domain controller"
I hope this could help u.


This link is talking about how to relocate the sysvol folders to different volume(not the share)
http://technet.microsoft.com/en-us/library/cc816594(WS.10).aspx
0
 
LVL 11

Author Comment

by:CynepMeH
ID: 24445944
TATW - I don't follow how these articles are applicable. I'm not looking to redirect sysvol, I'm aware of that process. I'm looking to prevent my \\domain_name going to my \\domain_controller.

Try it on your network - type \\your_dc_name

Now try \\your_domain_name

If you have DFS try seeing if your DFS roots show up under \\your_domain_name\

If you see Sysvol, netlogon, scheduled tasks, etc and not your DFS Roots then you're seeing your dc default shares - that's the behavior I'd like to correct. It seems a lot more plausible now that in order to accomplish it I may have to create DC-based DFS roots (which I don't want to do).

0
 
LVL 23

Expert Comment

by:debuggerau
ID: 24446755
Ok, if you don't want to redirect the sysvol etc to another share.
And you don't want to create DFS shares on your DC's.
But you want to have domain share not handled by the domain controllers.
Plus have root access to all DFS roots....
And have a public statement to that effect...

Sorry, cant be done.
0
 
LVL 6

Accepted Solution

by:
tatw earned 1500 total points
ID: 24451754
Well It is not possible to prevent sysvol shared on \\domain_name and \\dc_name.

If sysvol and netlogon is not shared then Domain controllers will not service authentication request during the procedure. This is what I want to tell you. (This is explicitly stated in the 1st link)

The 2nd link is just for you reference.
0
 
LVL 11

Author Closing Comment

by:CynepMeH
ID: 31583320
Thanks.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question