Dfs problems

  • Article

I run an active directory domain at home and I ran into some problems over the weekend.  I'm not an active directory guru by any means but this problem seems rather obscure and I wanted to post this to help anyone else who might find themselves in the same situation.

I have several computers at my house

  • Firewall/Gateway (not on the domain)
  • Domain Controller
  • My desktop (XP SP2)
  • My fiance's desktop (XP SP2)
  • Laptop (XP SP2)

All of my active directory user accounts have DFS mapped home directories.  Previously the physical drive was in my girlfriends computer.  After recent hardware issues, I moved the hard drive into my desktop and reworked the DFS maps. 

Once again, when everything seems solved, the problems really start.  I log on and off my computer to flush out any offline file problems and let XP pick up the new DFS map.  When I log back on, XP can't map my home directory from the DFS share.  I type in the DFS path manually and I get an access denied error.  I verify that XP is picking up the updated target. 

Next step is to check all of the ACL's.  I verify that they are all correct.  Now I tried typing in the UNC path of the share without DFS and it works???

Then I tried to access the DFS share from my laptop to see if there was just an issue with my desktop.  Works perfectly!!!  My fiance's can also access her share. 

At this point I resort to google.  It took an hour or so but then I found this article.

   https://www.msfn.org/board/index.php?act=ST&f=34&t=26298

Seems this guy was having the same problem as me.  The fix he found was adding a DWORD EnableDfsLoopbackTargets, value 1, into HKLM/System/CurrentControlSet/Services/Mup/Parameters.  He said he found it on an msce newsgroup.  He believes it's related to upgrading to XP SP2. 

The fix worked beautifully.  So naturally I'm curious as to the full ramifications of this fix.  So I type in EnableDfsLoopbackTargets into google to get some more information.  The only link that comes up is this guys post.  Odd.

I've yet to find out if there are any other ramifications to making this change or why this change needs to be made at all.  Please comment if you have any information on this fix.