Creating a User Name Mapping pool

  • Article

Applies To: Windows Server 2003 R2

In larger networks, especially networks that extend across a wide area network (WAN), it is often desirable to run User Name Mapping on multiple computers. In the case of a WAN, running User Name Mapping on computers on the local area networks (LANs) as other computers running Microsoft Services for Network File System (NFS) can help ensure a high level of performance. Even if your network is not geographically dispersed, you might want to run User Name Mapping on more than one computer to improve performance and availability.

When you run User Name Mapping on multiple computers, you can create a pool of servers using Domain Name System (DNS) round robin. Doing this provides a number of benefits:

  • You can enhance performance by locating computers running User Name Mapping near other computers running Microsoft Services for NFS.

  • You can achieve load balancing by alternating which servers respond to mapping requests.

  • High availability can be ensured by providing redundant servers so that if one fails, other servers in the pool can continue to respond to mapping requests.

The first step in creating a User Name Mapping server pool is to install User Name Mapping on two or more servers. These servers must be configured and maintained identically to ensure that they provide consistent responses to mapping requests. The easiest way to do this is to use batch (.cmd) files that repeat the same mapadmin command for each server in the pool.

For example, you could install User Name Mapping on three servers named UNM1, UNM2, and UNM3. You would then create a batch file that would apply the same mapadmin command and arguments to all three servers:

REM POOLADMIN.CMD

REM Used to administer three User Name Mapping servers: UNM1, UNM2, and UNM3

REM Syntax: POOLADMIN mapadmin_argument[...]

mapadmin UNM1 %0 %1 %2 %3 %4 %5 %6 %7 %8 %9 -u UNM1\administrator -p admUNM1pwd

mapadmin UNM2 %0 %1 %2 %3 %4 %5 %6 %7 %8 %9 -u UNM2\administrator -p admUNM2pwd

mapadmin UNM3 %0 %1 %2 %3 %4 %5 %6 %7 %8 %9 -u UNM3\administrator -p admUNM3pwd

Use a file like this, or a similar technique, to configure and administer all the User Name Mapping servers in the pool, both before and after the pool has been created.

Once you have set up and configured the servers that will belong to the pool, the next step is to create the pool itself. You do this by configuring a DNS server to map a single name to the Internet Protocol (IP) addresses of all three User Name Mapping servers. For example, you could map the name UNMpool to the IP addresses for UNM1, UNM2, and UNM3. Whenever a client computer asks the DNS server to resolve the name UNMpool, the DNS server will return all three IP addresses, the first of which is the one most clients will use. Because the DNS server rotates (in a round-robin fashion) the order in which it returns the three IP addresses, this automatically provides for load balancing.

The final step in setting up a User Name Mapping pool is to configure computers on the network running Client for NFS or Server for NFS to use the virtual server name of the pool (UNMpool in the example). Because the DNS server rotates the order of the IP addresses it returns when it resolves this name, each of these User Name Mapping clients will receive a different primary IP address than the one given to the previous client, thereby automatically providing load balancing among the three User Name Mapping servers. In addition, these Microsoft Services for NFS components are designed to send mapping requests to each IP address it receives if requests to the previous IP address times out. This provides for automatic failover if one of the servers in the pool should fail.

As noted earlier, it is essential that all servers that belong to a pool are configured and maintained identically. If password and group files are used to provide UNIX account information for mapping users, for example, identical password and group files must be copied to and maintained on all servers in the pool. Similarly, if you use .maphosts files to control access to servers in the pool, you must maintain identical .maphosts files on all servers in the pool.