Configuring User Name Mapping on a server cluster

  • Article

Applies To: Windows Server 2003 R2

A server cluster is a group of independent computer systems, known as nodes, working together as a single system to ensure that mission-critical applications and resources remain available to clients. Every node is attached to one or more cluster storage devices. Clustering allows users and administrators to access and manage the nodes as a single system rather than as separate computers.

User Name Mapping is specifically designed to make use of the server cluster and the server cluster's ability to replicate configuration settings among its nodes. This means that when User Name Mapping is installed on the nodes of a cluster, all changes to the configuration of User Name Mapping on one node are automatically replicated to User Name Mapping on all other nodes of the cluster. Consequently, you can manage User Name Mapping on all the nodes in the cluster simply by administering User Name Mapping on any one node. This ensures that user and group mappings and other settings will be identical on all servers in the cluster, thereby allowing you to easily achieve static load balancing by distributing User Name Mapping clients among the nodes of the cluster.

To install User Name Mapping on a cluster

  1. Create one cluster group for each node with its own Internet Protocol (IP) address and network name resource, and assign the preferred owner for each group so that it is primarily owned by a different node. This allows you to achieve static load balancing.

  2. Install User Name Mapping on the nodes of the cluster one at a time. Before installing User Name Mapping on a node, move all groups away from the node.

  3. When User Name Mapping has been installed on all nodes, return all groups to their primary owners.

  4. Configure User Name Mapping on any node. Settings changed on one node are automatically replicated to all other nodes in the cluster.

  5. Configure each client computer to use the virtual server name from one of the cluster groups as its User Name Mapping server. This will ensure that client computers will continue to be served by User Name Mapping in case of node failure. To provide static load balancing, evenly distribute clients among the virtual servers of the cluster.

Note

To ensure proper operation of User Name Mapping on a server cluster, when stopping the server cluster, first stop User Name Mapping, then stop the server cluster. To run User Name Mapping on a server cluster, you must install User Name Mapping on the nodes of an existing cluster. Adding a stand-alone computer that is already running User Name Mapping as a new node in an existing cluster is not supported. When running User Name Mapping on a server cluster, do not create maps using local Windows user and group accounts. Because the security identifiers (SIDs) of local accounts are recognized only by the server where those accounts were created, other nodes in the cluster will not be able to resolve those accounts when the server fails. Instead, you should create maps using domain accounts only. If the cluster service is restarted on a node, you must also restart the User Name Mapping service. Until you do, configuration changes will not be replicated to and from User Name Mapping on the node. User Name Mapping configuration changes are not properly replicated among nodes in a cluster if you run Microsoft Services for Network File System (NFS) or mapadmin on a computer that belongs to a domain that is not trusted by the domain of the cluster. To ensure that User Name Mapping configuration changes are properly replicated, always administer User Name Mapping running on a cluster using a computer that belongs to a trusted domain. You must maintain identical .maphosts files on all servers in the pool. For more information about the .maphosts file, see Securing access to the User Name Mapping server. If you use password and group files to provide user and group information for User Name Mapping running on a cluster, you must store the password and group files on local disk drives on each node, and the system administrator must update these files as required. In addition, if you restore mapping settings from a backup file, you must also copy the restored password and group files to the appropriate location on all of the nodes in the server cluster and ensure that all nodes in the cluster are configured to use password and group files located in the same local path. For more information about backing up and restoring User Name Mapping data, see Backing up and restoring maps. If you are running User Name Mapping as well as Server for NFS on a server cluster, configure each node of the cluster to use localhost as its User Name Mapping server.