Let me try to summarize the discussions so far to understand clearly
about the missing pieces:
* With the current code, it is not possible to mount domain based
namespaces (DFS root) using AD domain name (using netbios name may not
also be feasible? I haven't tried, though). This is due to mount.cifs
being unable to recognize, resolve AD domain name to an address.
* In case the AD domain name resolved to an address of backup domain
controller, the cifs client should ask for referral.
* If AD domain name is resolved to multiple IP's then there could be a
Missing pieces and proposed approach (from Igor)
* To resolve AD domain name => add SRV record support to mount.cifs
* To make cifs client ask for referral => tree walk approach
* Support for mounting directly DFS referrals is not there. I think I
have not seen a proposed approach for this, yet.
Also, If we want Domain based DFS namespace, is there a manual invention
or specific configuration required on Windows Server side to ensure
replication (by either FRS or DFS Replication) is being done on the
domain controllers other than the one which hosts the share? or it's
being taken care on the server side when you create domain based
Post by Igor Mammedov Post by Suresh Jayaraman Post by Jeff Layton Post by Suresh Jayaraman
It's not clear to me whether complete domain based DFS namespace support
is available or not with linux cifs implementation. For e.g.
I doubt that will work unless ad.domain happens to resolve to an
address somehow. The mount.cifs program doesn't have support for
recognizing an AD domain in the host portion of the UNC.
I think this is not happening now. The client should contact AD server
to know about the DFS root (since in domain based DFS namespace, the AD
is aware of the DFS namespaces). Yeah, obviously the mount.cifs should
recognize that it's a AD domain first.
I our AD setup AD domain name resolves to a bunch of IP addresses of domain
controllers. So I guess it is a matter of a proper configuration of AD domain
Adding deps to mount.cifs on ldap libs may not be a good idea, instead of
we can try to add SRV records support in mount.cifs. This way mount.cifs
could ask for a domain controller by sending a query for SRV record