• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 429
  • Last Modified:

Problems with a Network Share available Two Separate Domains

I am in the process of setting up a new domain on our server.  Our server is running VmWare ESXi.  We currently have two domain controller virtual machines setup (the old one and the new one that will be replacing it).  One of our drives is being added to each domain controller via the iSCSI Initiator and being shared across each DC's network.  We are experiencing the following problems:

1) If a file is deleted on one of the two network shares, it still shows on the other share.
2) If a file is added to one of the two network shares, it doesn't show on the other share.
3) If a file is modified on one of the two network shares (for example, a vbs file), the changes do not show up on the other network share.

This is only one hard disk, not a mirror image.  I have already set HKLM\System\CurrentControlSet\Services\LanmanWorkstation\DirectoryCacheLifetime and HKLM\System\CurrentControlSet\Services\LanmanServer\DirectoryCacheLifetime to 0x00000000.

What am I missing?  How can two different versions of the same file exist on a single physical drive simultaneously?

Thanks in advance!
  • 4
  • 3
  • 2
1 Solution
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
if you have a single iSCSI LUN, you CANNOT connect the LUN to both Servers, simultaneously, without using Failover Clustering, and Clusted Shared Volumes.

iSCSI LUNs are not designed to connect to two servers at the same time - concurrently, what you are experiencing will happen, worse still you can end up with the entire volume being corrupted.

Is this what you are attempting to do?

I would add the iSCSI LUN to a DC, and then using two NICs (on different networks), Create a File Share, and share the contents of the physical drive (LUN) or use a NAS.
dietzmjAuthor Commented:
Yes.  We have quite a few iSCSI LUNs that we would like to have available on both domains until the changeover is complete.  Are the changes to these files being saved separately on each server?  I have another file share that shows available on one server and on the other says needs to be formatted...
uhoh... did I get you right???

You connected one (virtual) disc to two machines using iSCSI without setting up some cluster shared volumes?
I can't believe this being true...
I also can't belive this would work....

You also have two separate domains (without trusts) accessing this disk at the same time?
--> Question: if the filesystem is NTFS - how could you ever set permissions? (if the idea above worked at all)
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

I hope you are talking about problems in your lab, otherwise i hope you have a good - and working - backup.
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
You cannot do it, iSCSI LUNs are not designed for this!

Implement Failover Clustering and Clustered Shared Volumes, or use a NAS.

What you are experiencing is CORRUPTION!

Servers have no idea, any other server is writing to the volume, so your NTFS disk will be corrupted. (why would it, it's not normal!)
Are the changes to these files being saved separately on each server?

How should they do so? They are accessing the *same* disk for this data / changes - each Server will write to some Master File Table and will probably destroy the "other's Servers" MFT / overwrite data anywhere on the disk.

The longer you have this constellation the more data you can lose.

Stop that as soon as possible!

--> still hoping you are in a lab!
dietzmjAuthor Commented:
Lol, I was not in the lab, this was our office system.  Unfortunately, the wonderful IT company we enlisted for consulting decided to leave us high and dry, putting me (an unexperienced, persistent learner) to setup our new servers.  The old domain's LUN connections have been disconnected.  Before doing so, however, we did experience quite a bit of file corruption.  It sounds like, from what you are telling me and from what I can deduce, that basically because each server is unaware of the others MFT, new files are being written on top of parts of files modified on the other server, and vice versa.  I did the best I could to backup what data was still around, but this was not always possible (obviously) as some files had simply be written over.

I am, however, still experiencing some file corruption on data that previously WAS NOT corrupted, even though the other LUN has been taken offline.  This may COMPLETELY be a coincidence.  I am not sure.  I have run a check disk on each virtual drive.  I am backing up data more often than usual (as a just in case).  Any one have any thoughts on this?  Is this possibly a result of this major screw up I caused?  Or should I be looking elsewhere for the root of these NEW problems?

Thanks again!
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
if you have exoposed and use LUNs in this way there will be lots of corruption.
Oh dear, poor you.
Being left by some IT company is not what you want to have to take care of...

You are right with the MFT part. The only thing that could have done it even worse is an automatic defrag on one of the Servers ;-)

The problem is that you don't know exactly which data each server has overwritten.
Probably some files from "Server B" - that is now disconnected - have been accessible from "Server B" - but they aren't anymore on "Server A" - as the entrys on "Server A" are not up to date anymore.

The most secure way - and the only one I would ever trust - is:
- try to safe all data that your users have changed since the two servers connected to the single LUN - just in case. There could be some that are working.
- Test if your backup from before "the screw-up" WORKS. Double check.
- Format the LUN --> delete everything on it --> restore your backup and give your users access to the "safed files" (the ones that have been modified) in a different folder. So you have ALL your files that are 100% OK (restored) in one place and a place with "eventually working" files in another.
If a file of the latter is OK, users could copy it to where it belongs.

Otherwise your users could still find corrupt files in two years - as nobody knows which files are damaged. And: who knows if you still have your backup from 12.2012 in two years? Or five?
Wishing you all the best!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now