Lets go through few scenarios, where you can use the procedure described in this article:
- Change physical hardware of the file server. The new server will get new name because you probably don’t want a huge service outage. At some last stage you copy all files from old server to new one and shut down old server. So how old shortcuts will work, if the name is not accessible.
- Move data from several file servers to one. You keep share names and consolidate data, but old server names should be accessible.
- You migrate to (or from) DFS (Distributed File System).
- Maybe DFS or file server name seems a little awkward and you want to change it.
- Maybe some other cases, you name it
Ok, you have one of those stories. What’s next.
First of all you need to create a CNAME record on your DNS server. If your old file server name was OLDFS and new one is NEWFS (you need to use \\OLDFS to access the same stuff available on \\NEWFS), then you need this kind of record:
oldfs in cname newfs (it depends on DNS implementation, how it will be exactly). On Microsoft DNS you will create a record similar to the following picture:
If the name OLDFS is referring to a DFS, then you need to point to DFS namespace (for example FQDN of your windows domain).
So, the name resolution problem is solved – the desired server name refers to right server(s).
Next one you need to do is to have SPN (Service Principal Name) in place. For that you need a single command executed on your DC (maybe it will work on other computers as well).
setspn -a cifs/oldfs newfs
This command instructs newfs to accept oldfs as the server name for file server protocol. Or maybe it instructs the client computer. But anyway, this step is necessary (at least in some cases). The result of this command will remain in Active Directory.
If the OLDFS name will refer to DFS namespace, you need to run this command several times:
setspn -a cifs/oldfs DC1
setspn -a cifs/oldfs DC2
…
setspn -a cifs/oldfs DCN
If your infrastructure has a lot of domain controllers, you probably want to automate this. I suggest to use PowerShell commands:
import-module ActiveDirectory
Get-ADDomainController -filter * | foreach {setspn -a cifs/oldfs $_.name}
Get-ADDomainController -filter * | foreach {$_.name; setspn -L $_.name | findstr cifs}
First line imports AD module (did you remembered to run this command on DC?). Next one lists all domain controllers and for each of them runs the setspn command to add Service Principal Name. Last line lists SPN-s with cifs in the name, so you can check whether the name addition/update was successful.
And at last you need on your file server a little registry change on your file server:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanServer\Parameters]
"DisableStrictNameChecking"=dword:00000001
In case of DFS, the change needs to be done on all domain controllers. For that you can use Group Policy on Domain Controllers OU. The registry change can be done in Group Policy Preferences section as seen on following screen shots:
And now you are ready to access \\oldfs, which will redirect you to new file server or to your DFS.
No comments:
Post a Comment