Enable access to a file system share using dns alias

Out of the box Windows is not allowing access to a file system share exept using the server name. Example  \\Server\share or \\server.domain.com\share

To access a share using a dns alias do the  following.

  • create a dns alias pointing to the server
  • change the following regkeys on the server

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters]
“DisableStrictNameChecking”=dword:00000001

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters]
“SrvAllowedServerNames”=hex(7)
Add all names in fqdn format to this multistring  including the server:
example: server.domain.com alias1.dmain.com alias2.dmain.com

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters]
“OptionalNames”=hex(7):
Add  all names in short Netbios format to this multistring without the server name:
example: alias1 alias2
Info: Accessing a share using short names will result in password errors without this parameter.
example: dir \\server\share

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0]
“BackConnectionHostNames”=hex(7)
Add  all names in fqdn format to this multistring including the server:
example: server.domain.com alias1.dmain.com alias2.dmain.com

  • Restart the server (optional on a non productive server restart the service lanmanserver)

 

Print Friendly, PDF & Email
This entry was posted in Fix IT and tagged . Bookmark the permalink.

Comments are closed.