Category: DFS

Troubleshoot DFS Connectivity on Clients

Posted on by admin

To troubleshoot when clients have issues accessing DFS shares. This occurs mostly over VPN connections. Just a few notes to help troubleshooting these cases. Mostly this happens on Windows XP or when DNS settings are incorrect.

  • Make sure machines can see each other, for example ping both ends.
  • Make sure you enable file sharing.
  • Make sure client is in the same DOMAIN.
  • Enable NetBIOS over TCP/IP.
  • Make sure no firewall/security software block sharing.
  • Create the same username and password on all shared computers.
  • Disable the IPv6 from the property page of the NIC.
  • Reset Network Security LAN Manager Authentication Level from the default setting (NTLMv2 only) to Send LM & NTLM – use NTLMv2 session if negotiated.
  • To rule out permissions test the users account on a different XP client. For instance a Windows XP client hooked up to a guest Internet port, logged in locally as relevant user, using user’s own VPN account and then trying DFS. This will ensure it is a DFS/DNS issue on client’s pc or network and not a generic permissions issue.
    Check general requirements (VPN interface):

    C:\Program Files\Support Tools>ipconfig /all

    Check for correct DNS servers, WINS servers and DNS suffix. While connected to VPN use nslookup to check if correct DNS server is being used.

    **Note if you are experiencing DNS hijacking as done by some ISP’s, it is out of scope of this document and need to be resolved first.

    Check output of this DNS command for DFS and/or DNS server entries:

    C:\Program Files\Support Tools>ipconfig /displaydns

    Test basic non DNS Windows file sharing:

    C:\Program Files\Support Tools>start \\172.20.10.222
** You should see an explorer window displaying the volumes of this server.

C:\Program Files\Support Tools>net view \\172.20.10.222
Shared resources at \\172.20.10.222
Share name  Type  Used as  Comment
-------------------------------------------------------------------------------
NETLOGON    Disk           Logon server share
SYSVOL      Disk           Logon server share
The command completed successfully.

    Try DFS share from command line:

    C:\Program Files\Support Tools>net use * \\YOUR_DOMAIN\TOP_LEVEL_SHARE

    Install Windows XP Service Pack 2 Support Tools:
    http://www.microsoft.com/downloads/en/details.aspx?FamilyID=49ae8576-9bb9-4126-9761-ba8011fabf38&displaylang=en

    Run dfsutil /pktinfo and record results:

     C:\Program Files\Support Tools>dfsutil /pktinfo
--mup.sys--
3 entries...
Entry: \domain.com\SysVol
ShortEntry: \domain.com\SysVol
Expires in 0 seconds
UseCount: 0 Type:0x1 ( DFS )
   0:[\server0.domain.com\SysVol] State:0x131 ( ACTIVE )
   1:[\server1.domain.com\SysVol] State:0x21 ( )
...snip
  16:[\server16.domain.com\SysVol] State:0x21 ( )

Entry: \domain.com\corp
ShortEntry: \domain.com\corp
Expires in 0 seconds
UseCount: 2 Type:0x8081 ( REFERRAL_SVC DFS )
   0:[\server0\Corp] State:0x119 ( ACTIVE )
   1:[\server1\Corp] State:0x09 ( )
...snip
  11:[\server11\Corp] State:0x09 ( )

Entry: \domain.com\corp\us
ShortEntry: \domain.com\corp\us
Expires in 360 seconds
UseCount: 0 Type:0x8001 ( DFS )
   0:[\server0\DFSData$\usdfs101_data1\corp\US] State:0x131 ( ACTIVE )

Done processing this command.

    Run dfsutil /spcinfo and record results:

     C:\Program Files\Support Tools>dfsutil /spcinfo
[*][server.sonosite.com]
[*][DOMAIN]
[*][domain.com]
[+][domain.com]
        [+server0.sonosite.com]
...snip
Done processing this command.

    Links:
    http://support.microsoft.com/kb/975440

Posted in DFS

Howto restore DFS-R Conflict data

Posted on by admin

A simple vbscript to allow recovery of DFS Replicated files that have been pushed into the ConflictAndDeleted or PreExisting folders due to misadventure.

Remember, this script must be run from a CMD prompt using cscript.exe. Don’t just double-click the script.

DO NOT JUST COPY THE TEXT ON THIS SCREEN – DOWNLOAD THE SCRIPT FROM THE DOWNLOADS PAGE. OTHERWISE YOU WILL RECEIVE ERROR:

“VBSCript error: Object required: ‘objXMLDoc’

Sample snippet…

CSCRIPT.EXE RESTOREDFSR.VBS

The script also requires to edit three paths (your source files, a new destination path, and the XML manifest you are calling). If you fail to edit those the script will exit with an error:

'=======================================================================
' Section must be operator-edited to provide valid paths
'=======================================================================

' Change path to specify location of XML Manifest
' Example 1: "C:\Data\DfsrPrivate\ConflictAndDeletedManifest.xml"
' Example 2: "C:\Data\DfsrPrivate\preexistingManifest.xml"

objXMLDoc.load("C:\your_replicated_folder\DfsrPrivate\ConflictAndDeletedManifest.xml") 

' Change path to specify location of source files

' Example 1: "C:\data\DfsrPrivate\ConflictAndDeleted"
' Example 2: "C:\data\DfsrPrivate\preexisting"

SourceFolder = ("C:\your_replicated_folder\DfsrPrivate\ConflictAndDeleted")

' Change path to specify output folder

OutputFolder = ("c:\your_dfsr_repair_tree")

'========================================================================

This script is an unsupported, as-is, no-warranty, last gasp, solution. If you are using it, you don’t have any backups, you are not using Previous Versions, and you are praying that you have not hit the conflictanddeleted quota (which is only 660MB by default).

This new version now properly detects all file and folder types, runs a bit faster, and no longer requires weird trailing backslashes. It does not support command-line arguments as the very idea bores me to tears.

Make sure you destroy all previous versions of this script you have lying around.

Link and script here: RestoreDFSR (recover conflicted or pre-existing files)