Troubleshooting
Problem
This document discusses the fact that neither the IBM i NetServer nor the Integrated File System support Microsoft Active Directory at this time.
Resolving The Problem
Users in a Microsoft Windows Active Directory environment can use IBM i NetServer network drives. There are, however, limitations due to the fact that NetServer network drives are mapped to resources on the system's Integrated File System.
In a Windows Active Directory environment, IBM i NetServer shares can not be set up as active directories because the Integrated File System does not support the Microsoft Windows Change Notification APIs, and file system support for Microsoft Active Directory requires support of these APIs. The Change Notification APIs are used to report updates to files and directories back to the client.
The Integrated File System is a Portable Operating System Interface for Computer Environments (POSIX) type file system based on UNIX-based open system standards. This standard does not currently define change notification. The only file system that IBM Support is aware of that supports change notification via the Change Notification APIs is the Windows NTFS file system.
IBM i NetServer does passive file serving. This means NetServer receives the requests for updates (changes, deletes, and so on) and performs the update without reporting the update back to the client. If the client wants update information, it must specifically request this information. NetServer uses passive file serving because it is more efficient from a network traffic standpoint. There are no plans to change this.
In addition, certain folders used by Active Directory must be created on an NTFS partition. A good example is the SYSVOL folder, which stores the server's copy of the domain's public files. The SYSVOL folder must be located on an NTFS partition. The Integrated File System does not support NTFS; therefore, the SYSVOL folder can not be located on the Integrated File System. Some versions of Active Directory also make use of the File Replication Service (FRS) to replicate changes made to the SYSVOL folders from one domain controller to other domain controllers. FRS detects changes to files and folders and then replicates those changes to other file servers. FRS can only be used with Windows 2000 or 2003 Server (and probably above), and replica sets can only be created on NTFS volumes. Again, because the Integrated File System does not use NTFS, this functionality cannot take place across NetServer network drives, which connect the user to the Integrated File System.
While some functions of Windows Active Directory might work with NetServer network drives, others might not. The following error messages have been reported to IBM Support:
| o | When My Documents has a target folder location specified in My Documents properties and a user deletes a file, the following error message may be received: Cannot find the specified file. Make sure you specify the correct path and file name. However, when the user clicks OK and refreshes the folder, the file is gone. This error appears to be issued by Active Directory because IBM i NetServer did not report the change (deletion) back to Active Directory. |
| o | When a Desktop belonging to a roaming profile is stored on a NetServer drive and files on the Desktop are deleted, there is no error message and the files might not be moved into the Recycle Bin. IBM investigated this behavior on Microsoft Windows 2000 Service Pack 4. In our testing, we noted the following. Active Directory creates a temporary directory named RECYCLER in the same directory of the file being deleted. The file being deleted is moved to the RECYCLER directory; the RECYCLER directory is immediately deleted. Neither the file nor the directory are sent to the Recycle Bin. Whether a file is inserted into the Recycle bin might be related to the file size. For further information on this Active Directory behavior, contact Microsoft. |
| o | When a Desktop belonging to a Roaming Profile is stored on a NetServer drive and items are saved to the Desktop, users must hit Refresh multiple times to get the files to appear on the desktop. |
Note: The Microsoft Windows platform SDK defines a group of File I/O functions related to asynchronous change notification. These APIs (for example, FindFirstChangeNotification) are not supported by any version of IBM i NetServer.
Additional Note - added for searchability:
The name i5/OS NetServer may be used interchangeably with IBM i NetServer, iSeries NetServer, OS/400 NetServer, or (older) AS/400 NetServer or AS400 NetServer.
Historical Number
325089342
Was this topic helpful?
Document Information
Modified date:
18 December 2019
UID
nas8N1019248