CAPS and CNAME Alias Records

  • Article

Hi AskPerf readers, this is Paul from the Microsoft Remote Resources Support Team. We have been receiving a number of support questions concerning the use of Client Access Points (CAPs) and the use of CNAME alias records when referencing a Failover Clustered Print Spooler Resource.

Unlike a File Share Resource the multiple Client Access Point (CAP) feature is not supported when referencing a Print Spooler Resource. In Windows Server 2008 and 2008 R2 Failover Clusters, the interaction between the Cluster Service and the Server Service has changed and with this change shared printers are now associated with a single Spooler resource and are 'scoped' to the Network Name resource which is part of the Client Access Point (CAP). The share names when using Client Access Points (CAP) in Windows Server 2008 and 2008 R2 do not work in the same manner as they did with Windows Server 2003 Failover Print Clusters. This is due to intentional design changes that enhance the security when making Server Message Block (SMB) connections to the print spooler resource (the print share). A Failover Clustered Print Spooler consists of 3 components; a single Client Access Point (Network Name and IP Address), a single Spooler Resource and a “shared” Disk resource (Cluster Shared Volume; CSV).

The recommended method for accessing the Failover Clustered Print Server Resource is to login to any of the cluster nodes and open the Printer Management Console by clicking “Manage Printers” from the Failover Cluster Manager. This ensures you are accessing the clustered spooler resource and not the local spooler; an area that we receive numerous support calls about.

The Failover Cluster Manager will not prevent an administrator from creating more than one Client Access Point (Name and IP resource) in any group. When this is done in a Spooler resource group it is not immediately evident that this creates a potential configuration problem. The first indicator that this is not supported is when the admin attempts to use the Manage Printers feature from the Clustered Print Servers Action menu.

clip_image002

The Failover Cluster Manager displays the following configuration error clearly stating that the Spooler Resource is not configured correctly if there are multiple Network Names in the group.

image

An alternative way to manage the clustered Print Spooler Resource is directly through the Print Management Console (PMC). In the PMC, an admin can add the Clustered Spooler Resource Network Name to the list of Managed Print Servers.

If a spooler resource group has multiple CAPs defined and an administrator attempts to use the PMC to manage any of the CAP instances other than the first one defined when the resource was created, they’ll receive the second indicator that there is a configuration issue.  Attempts to add a printer to any of the additional CAP names in the PMC the following error is displayed indicating that the target is invalid.

image

While we have created a valid Network Name we have not created a target object container for the installation of printers:

Performing a query for the meaning of this error message using the NET Helpmsg command (https://technet.microsoft.com/en-us/library/bb490705.aspx). Typing the following command:

C:\>net helpmsg 67

The network name cannot be found.

(Net Helpmsg only accepts decimal error messages. 0x43 is 67 in decimal)

This gives us a more easy to read error - indicating that the configuration is not valid because the target does not exist.

Best practice recommendations around Clustered Spooler CAPs:

1. Choose one CAP to represent the Clustered Print Spooler resource.

2. For consistency the Group name and the CAP name should be the same to minimize confusion.

3. Publish this to the end user community to use only this CAP name to add printers to their workstations.

If the requirement is to provide multiple Client Access Points (CAPs) or Multiple Named references (aliases) then it is recommended that additional print spooler resource groups be created with the desired names and migrate the printers to the new spooler resources using the Print Management Console Export and Import feature.

The bottom line is there can be only one print spooler resource per Cluster Resource Group and a single network name reference to that resource.

Please review the following article which contains a very detailed explanation concerning the use of CNAME alias DNS entries and why they do not work as expected with Windows 2008 and 2008 R2 Failover Clusters:

File Share 'Scoping' in Windows Server 2008 Failover Clusters

-Paul