I'm trying to setup ABE on file shares in Windows 2008 and it doesn't seem to be working. What I'm trying to accomplish is to have users login and only see the shares they have access to and nothing else. So on the virtual cluster here is how I'm trying to set it up. On a note, there is vbscript that maps the drives. D:\Depts\ABC D:\Depts\BVC D:\depts\OED So the "Depts" folder is the share folder and the second folder is the actual folder that the user would map too. So if I belong to the "ABC" group, my mapping should be : I:\\Depts\ABC and I shouldn't see the other folders. I also read that if the cluster had to failover, you would have to reset all the shares. Is that correct? Mark
This is probably less a clustering question than an Access-based Enumeration query. That said, if you are setting up your shares properly in the cluster, you shouldn't have to reset anything after a failover. Here's the TechNet link for this task: • TechNet: Create a Shared Folder in a Clustered File Server http://technet.microsoft.com/en-us/library/cc732302.aspx As for ABE, I found another MVP's blog dealing with ABE and how it works here: http://msmvps.com/blogs/erikr/archive/2008/06/28/access-based-enumeration-abe.aspx Hope this helps, --Ryan
Ryan I understand what you are saying but I think maybe I didn't explain it well. What I meant was that if you enable ABE on a share on a cluster if it had to failover do you have to redo the share becuase of the ABE? Also, I actually read the second artical and it didn't seem to work. Let me see if I can explain it another way. If I logged in, out of all the folders that I listed the only one that I want to see is "ABC" when it gets mapped. I don't want to see the others. Does that make sense??? Thanks
Mark, It will work on a cluster. Install the Share on the cluster. And install the ABE Tool on each node in the cluster From the Cluster Admin create a resource of type " application" in the command to exec for this resource ( parameters) do cmd /k abecmd /enable <clustersharename> Check out the box "allow interact with desktop" Make sure this resource is depend on the share and must be in the same group. This should do the trick. I will make a blog post show check this in a few days -- Greetings, Robert Smit Blog : http://fiberman.spaces.live.com/
There is no "Allow interaction with desktop" option in Windows 2008 cluster. Regards, John Visit my blog: http://msmvps.com/blogs/jtoner