Issues with DFS; can’t browse a linked share (XP SP2?)


I always wanted to implement DFS in my little domain at home.

Every time I tried something didn’t work and I was in no mood to dig after what was wrong. I was adding links and even though I was being able to see the DFS root and the shares that I linked I was getting access denied or whatever.

Until approximately a month ago when I said: Enough! I have to find out what the problem is. You really have to try hard to find this one out or maybe I’m not that good with terms for searching. Anyway, this is it:

http://www.pcreview.co.uk/forums/thread-246242.php

excerpt:

Re: XP SP2 and DFS link to local share


As a follow up,
I don’t have IPv6 installed here, so that shouldn’t be the issue.
After I posted originally I saw MS had released this article relating to the
first hotfix for SP2
http://support.microsoft.com/kb/884020/en-us
The article states that SP2 changed the way it handles the loopback range
(127.0.0.0/8) in that it now only allows connections to 127.0.0.1. Apparently
this doesn’t apply to ICMP as I can still ping any address in the range and
get a response from 127.0.0.1.
This range is almost certainly used when accessing the local host through
DFS, but I am unable to determine if it’s using 127.0.0.1 or something else.
The only thing I have to confirm the loopback usage is a repeatable (by
trying to access the share through dfs) eventlog error (systemlog – 3019 from
MRxSMB) saying "the redirector failed to determine the connection type",
which makes sense since there is no auto-negotation by the loopback device.
Unfortunately I havent been able to find anything (free) I can use to sniff
the loopback traffic since it’s a pseudo device. All the traffic that
actually hits the wire looks okay.
I’d try the aforementioned hotfix, but I’d rather have my users cope with
the immense burden of having to access the local folder some other way.

….

Good news,

I found a thread from a few days ago on
microsoft.public.windows.server.dfs_frs about this same issue. The suggested
solution was to add a value (REG_DWORD) named "EnableDfsLoopbackTargets" to
HKLM/System/CurrentControlSet/Services/Mup/Parameters and set it to 1
.

I tried this and it worked (reboot required).

Bottom line: it seems it’s a manifestation of XP SP2 security improvements and can be fixed by adjusting the registry a bit. Just follow the last paragraph above. DFS worth it!

Happy New Year!

Advertisements

One thought on “Issues with DFS; can’t browse a linked share (XP SP2?)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s