2.5.2.4 Add a Root Target to a Domain-Based Namespace
Goal
To add a DFS root target to an existing namespace that will host the DFS namespace.
Context of Use
The administrator has existing file servers in a domain and is required to set up a domain-based namespace.
Actors
Admin tool
The admin tool is the primary actor that triggers this use case. The admin tool is a program that offers management functionality to the administrator through the admin client. Typical admin tools are command-line tools and graphical shells, management utilities, and graphical management programs. The purpose of the admin tool is to correctly interpret, execute, and display the results of the commands that are issued by the administrator.
DFS Service
The DFS Service is a supporting actor that provides the technology that helps administrators group shared folders on different servers and present them to users as a virtual tree of folders known as a namespace.
Admin client
The admin client is a supporting actor that implements client-side protocol components and consumes the file server administration services that are offered by the file server. The admin client is internal to the File Services Management system.
Authentication Services
The Authentication Services is the supporting actor that is used for authentication purposes.
Active Directory system
The Active Directory system is a supporting actor. The File Services Management system stores metadata that is related to the domain DFS namespace in Active Directory.
Stakeholders
Administrator
The administrator is the person who sets up and manages the DFS root target servers and the DFS namespaces.
Preconditions
The administrator has identified an SMB File Service to act as a root server for an already created DFS namespace. A DFS Service is present on the SMB File Service, as described in [MS-DFSNM].
Main Success Scenario
Trigger: The admin tool receives a request from the administrator to add a DFS root target to an existing namespace.
The admin tool establishes a communication channel to the DFS Service, as described in [MS-DFSNM] section 2.1.
The DFS Service authenticates the administrator through the mechanisms, as described in [MS-AUTHSOD].
The admin tool contacts DFS Service by using the NetrDfsAddFtRoot method ([MS-DFSNM] section 3.1.4.3.1) to add the file server as a root target server to the existing namespace.
The DFS Service uses the NetrDfsAddFtRoot method to authorize the administrator through the mechanisms of [MS-DFSNM] section 3.1.4.3.1, as appropriate to the call.
The DFS Service performs the action, and interacts with the Active Directory directory service, as described in [MS-ADOD], to store metadata changes that are related to the DFS namespace, as described in [MS-DFSNM].
Postcondition
The named share is promoted to a DFS namespace on the SMB File Service with corresponding metadata that is written to the Active Directory system.
Extensions
If the communication channel for the DFS namespace [MS-DFSNM] cannot be established, or it becomes disconnected:
The admin tool can attempt to establish connection multiple times; ultimately, the use case ends with failure. Depending on when the connection failed, the namespace could or could not have been created.
If user authorization or authentication fails:
The use case ends with failure.