Using DFS Shares in Mac OS X

Update: Lion now supports DFS natively and Jorge Escala has a better solution for Snow Leopard (blog post), so the text below is now kept merely for historical purposes. If you want the source to his tool, I’ve attached a tarball here for your convenience.

Also, Ægir Örn Símonarson wrote in mentioning that if you know the root DFS share, you can find the root server hostname like so:

$ smbclient -c showconnect --user='domain_name\user_name' "\\\\domain_name\\root_share\\"

Microsoft’s DFS, aptly described in many places1 is the bane of many a Mac user in corporate settings, since there is no way to resolve DFS paths via the “GUI”:Wikipedia:GUI in a standard Mac OS X install.

Having endured for years the nuisance of having to check my Windows machine’s obtuse property dialog boxes to manually resolve pathnames such as \\domain\fs\share into something like \\server\hidden$\share that I could actually mount on my Mac (as smb://server/hidden$/share, of course), I eventually decided to do something about it.

Given the lack of information available (I have never been able to find a solution for this on Google) and my long history running and troubleshooting Samba, one morning I decided to find a solution, or else. My initial idea was to do a series of packet traces and figure out which RPC calls and Active Directory lookups standard Windows machines did, and wing it from there.

Turns out it was way easier than that. I eventually hit upon rpcclient (a low-level RPC tool included with Leopard), and after reading through portions of the source and data structure documentation, I established that asking for info level 3 when querying a known DFS server like so:

$ rpcclient -U 'domain\user' --command='dfsenum 3' known_server

…would yield usable results. In fact, this yields quite a bit of interesting output, not least of which are a list of known servers and, for each DFS mount point, a list of known stores and (most important of which) the real server and share names.

Here’s a suitably anonymized example that should be obvious:

$ rpcclient -U 'domain\user' --command='dfsenum 3' server01a1
path: \\DOMAIN\FS
comment: DFS File Stores
state: 513
num_stores: 3
storage[0] server: SERVER01A1
storage[0] share: FS
storage[1] server: SERVER02A1
storage[1] share: FS
storage[2] server: SERVER03C1
storage[2] share: FS
path: \\DOMAIN\fs\backup
  state: 1
  num_stores: 1
  storage[0] server: server01A1
  storage[0] share: share01$\backup
path: \\DOMAIN\fs\users
  state: 1
  num_stores: 1
  storage[0] server: server03C1
  storage[0] share: SHARE02$\users

I haven’t yet managed to find a simple enough way to bootstrap this by automagically finding the initial DFS server, but will eventually wrap this into a nice Cocoa Python applet to enable point-and-click mounting of DFS shares (this, of course, assuming that Snow Leopard doesn’t include something similar – but I think not).

Of course, you’re free to improve upon this and toss me a copy of your notes/app. :)

1 Distributed File System Technology Center