Welcome to ISAserver.org

NLB Setup with Configuration Storage Server in the Array

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA 2006 Firewall] >> Network Infrastructure >> NLB Setup with Configuration Storage Server in the Array

Page: [1]

Message

<< Older Topic Newer Topic >>

NLB Setup with Configuration Storage Server in the Array - 18.Oct.2007 12:28:06 PM

ng9

Posts: 3
Joined: 18.Oct.2007
Status: offline

In a help file I was told to

1 - register a dns record for the lan side nic of a particular server

2 - set service principle names

1 - The help file does not explain exactly how to register a dns name, but I don't see much room for error since in order to register an ip address with a name such as 192.168.0.1 with NEW.domain.local, while 192.168.0.1 might already be registered to SERVER1.domain.local, I assume you must create a HOST (A) record as the (C) Alias does not appear to support entering an ip address.

So I've created a new HOST (A) (192.168.0.1 / NEW.domain.local) while there was and still is a (192.168.0.1 / SERVER1.domain.local).

2 - To set the spn, the instructions are clear, though are not working for me.

setspn -a ldap/new.domain.local new

The return is "FindOmainForAccount: DsGetDcNameWithAccountW failed!
"Unable to locate account file"

If that had succeded, I was instructed to do a second line to set what looks like a port.

I can no longer find the help file about this possible issue when using a configuration storage server as a server in the isa arrays.

Where can I find this help file so I can find the second line about adding something such as 2717 if my memory serves and have I correctly registered the dns record and or do I have something setup wrong with ldap?

Post #: 1

Featured Links*

RE: NLB Setup with Configuration Storage Server in the ... - 18.Oct.2007 6:00:54 PM

Jason Jones

Posts: 2137
Joined: 30.Jul.2002
From: United Kingdom
Status: offline

Hi,

The info you need is in this article: http://www.microsoft.com/technet/isa/2006/nlb.mspx

Post if you are still having problems as I have done this config a few times...

Cheers

JJ

_____________________________

Jason Jones (MVP)

Silversands Limited http://www.silversands.co.uk
My Blog: http://blog.msfirewall.org.uk/

Get our NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to ng9)

Post #: 2

RE: NLB Setup with Configuration Storage Server in the ... - 21.Feb.2008 12:07:13 PM

ARDAvonWOOLF

Posts: 8
Joined: 21.Feb.2008
Status: offline

I've read the article and attempted the setspn task, but I still get the "FindOmainForAccount: DsGetDcNameWithAccountW failed!" error when attempting the first setspn command.

I have created an A host record for ISA-CSS.mydomain.com to 192.168.0.1 in the DC's DNS Forward Lookup zone.

I can ping "ISA-CSS" by the hostname, i.e. it is resolved properly.

the command:
setspn -a ldap/isa-css.mydomain.com ISA-CSS
results in:
FindDomainForAccount: DsGetDcNameWithAccountW failed!
Unable to locate account ISA-CSS

Where are we failing here?

Thanks
-AvW

< Message edited by ARDAvonWOOLF -- 22.Feb.2008 9:15:59 AM >

(in reply to Jason Jones)

Post #: 3

RE: NLB Setup with Configuration Storage Server in the ... - 12.Mar.2008 8:32:07 PM

Jason Jones

Posts: 2137
Joined: 30.Jul.2002
From: United Kingdom
Status: offline

The article and help file are wrong, the correct syntax is:

setspn -a ldap/fake-name.mydomain.com real-name NetBIOS name

e.g. for a computer called ISA1 I would create a new SPN called ISA1-Array using the following command:

setspn -a ldap/ISA1-Array.mydomain.com ISA1

The configure DNS and the CSS definitions using ISA1-Array.mydomain.com references with intra-array IP addresses.

Cheers

JJ

_____________________________

Jason Jones (MVP)

Silversands Limited http://www.silversands.co.uk
My Blog: http://blog.msfirewall.org.uk/

Get our NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to ARDAvonWOOLF)

Post #: 4