File Share Aliases and SPN

DNS, Windows Server

File Share Aliases and SPN

The site I am work at right now was testing their DR environment last week and the test failed because non of their DR file shares were working.

They do a SAN to SAN replication of the data to the DR file sever and then that one server hosts all the data for the 4 production file servers. The idea was that you would just set some cnames in DNS and away you go; this worked in Server 2003 but they have now upgraded to Server 2008R2 and it no longer worked.

We configured
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer \Parameters\DisableStrictNameChecking
as per this KB article but then the error was:

LogonFailure

This pointed to a Kerberos authentication failure, so we ran this:

setspn -a host/alias targetHostName

And we could now access the file share via the CNAME alias. We also added the FQDN of the CNAME to ensure that would work too.

Leave a Reply

Your email address will not be published. Required fields are marked *