Microsoft's official enterprise support blog for AD DS and more
Our DFS PM pal Jose Barreto has a new article out that you will should find interesting. We really don't provide a lot of guidance on TechNet about designing DFS namespaces, so Jose goes into it in great detail:
Three ways to design your DFS Namespaces
Give it a read.
Ned "Jose Referral Cache" Pyle
The DFSN team has posted new scalability and performance information on their component at their official team blog. It's definitely worth a read if you are thinking about moving on from Windows Server 2003:
Windows Server DFS-Namespaces Performance and Scalability
- Ned 'That's a lotta links!' Pyle
Hi, Ned here again. If you have spent any time in the DFSR debug logs, you’ll probably found that getting a file’s full path is a bit of a pain. For example, examine this sample debug log of a file being replicated – see if you find the folder’s path in here anywhere. Go ahead, I’ll wait.
You didn’t find anything because the debug logs won’t tell you. DFSR uses an ESE database to keep track of file and folder paths as part of their IDRECORD information. If you were to examine the database rows directly, you’ll find that its tables don’t contain the full path either. Instead, a record of each ‘object’ (file or folder) is stored as a Unique Identifier (UID) and its relationship with its parent and children UID’s is stored as well. So when you look in the debug logs, you see:
<Upstream> 20090624 12:04:56.359 3196 JOIN 1122 Join::SubmitUpdate LDB Updating ID Record: + fid 0x200000000A752 + usn 0x930508 + uidVisible 1 + filtered 0 + journalWrapped 0 + slowRecoverCheck 0 + pendingTombstone 0 + internalUpdate 0 + dirtyShutdownMismatch 0 + meetInstallUpdate 0 + meetReanimated 0 + recUpdateTime 20080624 16:04:56.339 GMT + present 1 + nameConflict 0 + attributes 0x20 + ghostedHeader 0 + data 0 + gvsn {EDE2D64E-1306-4C7C-B568-449A98371AA2}-v29 + uid {EDE2D64E-1306-4C7C-B568-449A98371AA2}-v29 + parent {175F2B6A-289F-4CA8-AF8B-4D9BF1A2C501}-v2 + fence 16010101 00:00:00.000 + clockDecrementedInDirtyShutdown 0 + clock 20080624 16:04:56.339 GMT (0x1c8d6140ba94250) + createTime 20080624 16:04:56.258 GMT + csId {175F2B6A-289F-4CA8-AF8B-4D9BF1A2C501} + hash 00000000-00000000-00000000-00000000 + similarity 00000000-00000000-00000000-00000000 + name somefile.txt
So what if you want to actually get the real path of a file? That is useful in large environments where file name uniqueness gets less common.
Just provide the UID to this well-hidden WMI Method in a CMD prompt:
Wmic.exe /namespace:\\root\microsoftdfs path dfsridrecordinfo.Uid="your uid here" call getfullfilepath
For example:
Wmic.exe /namespace:\\root\microsoftdfs path dfsridrecordinfo.Uid=”{EDE2D64E-1306-4C7C-B568-449A98371AA2}-v29" call getfullfilepath
Which would tell you:
Method execution successful. Out Parameters: instance of __PARAMETERS { FullPath = "C:\\testrf\\somefile.txt"; ReturnValue = 0; };
Sorta ugly, but it gets the job done.
So much easier now! DFSRDIAG.EXE now supports the IDRECORD option.
DFSRDIAG IDRECORD /UID:some_uid
C:\>dfsrdiag idrecord /uid:{EDE2D64E-1306-4C7C-B568-449A98371AA2}-v29 File name : somefile.txt Path : c:\testrf\somefile.txt UID : {EDE2D64E-1306-4C7C-B568-449A98371AA2}-v29 GVSN : {{EDE2D64E-1306-4C7C-B568-449A98371AA2}-v29
C:\>dfsrdiag idrecord /uid:{EDE2D64E-1306-4C7C-B568-449A98371AA2}-v29
File name : somefile.txt Path : c:\testrf\somefile.txt UID : {EDE2D64E-1306-4C7C-B568-449A98371AA2}-v29 GVSN : {{EDE2D64E-1306-4C7C-B568-449A98371AA2}-v29
Not ugly at all. Read more about this and other new DFSRDIAG features here: DFS Replication: What’s new in Windows Server™ 2008 R2
- Ned ‘Breadcrumbs’ Pyle
Ned here again. Are you using MS Dynamics CRM? Be sure to check this excellent blog post from our colleagues Jeremy Morlock and Henning Petersen on how CRM uses Service Principal Names and what you need to get it all working:
http://blogs.msdn.com/crm/archive/2009/08/06/configuring-service-principal-names.aspx
It covers the following scenarios, step by step:
Nice work guys!
- Ned 'you SPN me right round' Pyle
Two years ago the AskDS blog was created. A few days later we had our first post. A huge thanks to you for all of your questions, comments, and kind words over the years; we really appreciate them.
Ned 'Chuck E. Cheese' Pyle
974716
How to set up kernel debugging information in Vista/Win2008 at boot time
973624
After you use a smart card to log on to a computer that is running Windows XP, Digest authentication fails
974815
A local group cannot be found if it is nested inside another group on a Windows Server-based or Windows-based client
974814
Microsoft-Windows-RPC-Events Event 11 when running Server Manager
974774
Files are replicated with DFSR between servers even though file contents are unchanged
BitLocker and Active Directory
Implementing an OCSP Responder: Part V High Availability
Implementing an OCSP Responder: Part VI Configuring Custom OCSP URIs via Group Policy
The AD Recycle Bin: Understanding, Implementing, Best Practices, and Troubleshooting
Microsoft Team Traces Malicious Users
Debug 101: Examining Memory Use
Working on an Application Compatibility Issue? Let us Help!
System Center Virtual Machine Manager 2008 R2 – RTM and download
Getting AD Schema information from Powershell
WMI Queries the easy way, Item-level Targeting the much faster and easier way
Using multiple UPN suffixes for users in single directory
Help Define the Requirements for the Next Version of Active Directory at TEC Europe
W2K3 to W2K8 Active Directory Upgrade Considerations
7 Laws of Identity
Dear joe… how do I find old trusts…
Windows 7 Security Overview
ILM AD MA, linked attributes and Recycle Bin
BITS Compact Server & WMI provider
Where is the guidance for Active Directory in the DMZ?
Active Directory Powershell to manage Sites and Subnets – Part 3 (Getting Site and Subnets)
Fourteen years ago today, Windows 95 introduced the world to the Start button and the Taskbar. Most OS's, Microsoft or not, have been loving up on that design ever since. Happy Birthday Windows 95!
- Ned 'Feeling Old' Pyle
KB
973573
Services that are running under the Network Service account cannot access the \?? namespace after security update MS09-012 (956572) is installed
970176
A Windows Server 2003 SP2-based DNS server does not route a name resolution request to the expected DNS server through the stub zone
974070
The changes that you made to a shared .xls file in an offline folder are not saved
973554
Performance is significantly reduced when you copy or write small files from a computer that is running Windows Vista or Windows Server 2008 into a shared folder that is hosted on a computer that is running Windows Vista or Windows Server 2008
972904
A black screen is displayed and then the system stops responding when you log on to a computer that is running Windows Vista or Windows Server 2008
973510
Downloaded files do not inherit the permissions from the parent folder when you use the Ftp.exe program to download files in Windows Vista or in Windows Server 2008
973772
Group Policy Preferences stops responding when you try to configure the printer item for printers that use third-party drivers on a Windows Vista or Windows Server 2008-based computer
972841
Windows Search does not return files or folders that are under DFS-linked folders on a Windows Vista SP2 or on a Windows Server 2008 SP2-based computer
970916
An application that subscribes to ISensLogon interface events stops receiving logon or logoff event notifications after you log off Windows Vista or Windows Server 2008
970974
The Folder Options preference in Group Policy Preferences is reapplied on a Windows Vista or on a Windows Server 2008-based client computer, even when you select the “Apply once and do not reapply” option
972616
You cannot use the "runas" command to print from different user accounts in a single session from a 32-bit program on a computer that is running 64-bit version of Windows Server 2008 or Windows Vista
972999
Error message when you use Event Viewer to open an event log on a Windows Vista or a Windows Server 2008-based computer: "Event Viewer cannot open the event log or custom view"
971222
Users who are members of the Power Users group or of the Print Operators group cannot install the local printers on a server that is running Windows Server 2008
972299
An "Access Denied" error message is returned when you edit an access control on a network-mapped drive on a Windows Server 2008-based computer
968074
An update is available that enables the Terminal Services license servers that are running Windows Server 2008 to be able to use the CALs for the Windows Server 2008 R2 Remote Desktop Services
971677
A Hyper-V differencing disk that you create in Windows Server 2008 R2 cannot be used in Windows Server 2008
Blogs
· CRM and Kerberos
· Mapping One Smartcard Certificate to Multiple Accounts.
· Split IO and Intermittent “File Not Found” Errors
· Debug 101: What does !analyze do?
· Microsoft delivers test versions of SQL Server 2008 R2
· Managing W2K3 AD domain through Windows Vista or Windows Server 2008 (R2)
· CentOS, OpenSUSE & More Linux Distros on Hyper-V R2!
· NET TIME and w32time
· Windows Server 2008 and Windows Server 2008 R2 Automate Metadata Cleanup
· OldCMP and the dreaded LDAP Error 0×50 “OTHER”
· Two Minute Drill: Debugging – lm, not just Alphabet Neighbors
· Cool Articles: Group Policy Modeling, Windows 7 / Server 2008 R2 functionality
· Federation Services and Direct Access
· Windows 7: Windows XP Mode Release Candidate Now Available
· ADFS Event ID 111
· Finding the SQL server ADFS is using
· Active Directory Federation Services (the server formerly known as Geneva)
· Enabling Logging in ADFS
· Different GPOs for HUBs and for Branch DCs
· Forward-links, Back-links and how these are maintained