Forum Discussion
vrivoire_97090
Nimbostratus
NimbostratusMS Print servers
Hi all,
I am planning to use my new F5 LTM to load balance Windows Server 2003 print servers. For the moment, it doesn't work for me: I can see the shared printer but I can't map it.
...
Here's the new link to the guide for creating the WMI monitor. As I recall it was pretty straightforward. I'm even using the same interval and timeout. Looking at my monitor properties, the only thing I see that is different is my alias service port is 3389 and the external program path is /usr/bin/monitors. Also, you'll need to enable remote WMI requests on the win2k8 boxes if not already enabled.
Monitoring WMI Services from Big-IP
Skye_85590Nimbostratus
NimbostratusIMPORTANT: This thread has confused quite a few people - npath is not necessarily required to get MS file and printer sharing to work. It is entirely possible to set up a simple network topology, not Npath, and use a SNAT (automap etc).
The following config worked once the Microsoft server requirements were satisfied:
- Standard virtual using SNAT automap, mapped for all ports, no port translation, to a pool with members mapped on all ports. You can use a custom tcp monitor with an aliased port (click "Advanced" in the monitor config) to monitor the all ports pool.
MS server configuration requirements (was Windows Server 2003 in this case - would appreciate feedback in this thread regarding requirements identified on other Windows versions):
- Disable Strict Name Checking
- Configure Optional Names (the DNS Name of the Virtual Server)
I suspect kerberos to be involved and I would like to see packet captures before and after the change but do not have time to do a repro.
If using npath, this will likely be needed: Disable Loopback Check
Details of the registry settings:
Locate and click the following key in the registry:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters
On the Edit menu, click Add Value, and then add the following registry value:
Value name: DisableStrictNameChecking
Data type: REG_DWORD
Radix: Decimal
Value: 1
Disable Loopback Check
1. Click Start, click Run, type regedit, and then click OK.
2. In Registry Editor, locate and then click the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
3. Right-click Lsa, point to New, and then click DWORD Value.
4. Type DisableLoopbackCheck, and then press ENTER.
5. Right-click DisableLoopbackCheck, and then click Modify.
6. In the Value data box, type 1, and then click OK.
7. Quit Registry Editor, and then restart your computer.
Configure Optional Names (the DNS Name of the Virtual Server)
Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters,
then create the OptionalNames value, you can enter a list of names. (This should be the DNS name setup for the VIP.)
Restart the computer, and the server will then respond to any of the names you listed.
Christopher_BooCirrostratus
Keep in mind when this thread was created about 90% of Devcentral focused on load balancing web servers. There was nothing from F5 and next to nothing on the net regarding hardware load balancing print servers. Based on Meena's thread and what I had found elsewhere, that config worked for me. Considering how many hits this thread gets, I dare say it has helped more than it has confused. You are correct though, npath is not necessarily required. I had more control in the design of our 2008 print environment and don't use npath in it. As with anything, test and see what works best for you.