ExtremeZ-IP and Service Connections Points

1 Star2 Stars3 Stars4 Stars5 Stars
Loading...
  • Product:
    ExtremeZ-IP
  • Revised:
    4/14/2009
  • Reviewed:
    4/14/2009

New with version 6.0 of ExtremeZ-IP is our usage of Microsoft’s Service Connection Point (SCP) technology. We use this technology to locate and contact other ExtremeZ-IP servers in your Active Directory (AD) domain for DFS (Distributed File System) support, as well as new features in the future.
Microsoft’s web site has an executive overview of what SCPs are and how they can be used at this location on the internet:

http://msdn.microsoft.com/en-us/library/ms677950(VS.85).aspx

Operation

The first time version 6.0 or later of ExtremeZ-IP is executed after installation, the ExtremeZ-IP service will attempt to install its own SCP in the AD domain, if there is a domain. Successful installation of the SCP requires that the service runs under the ‘local system account’, which ExtremeZ-IP does by default.

If the SCP cannot be installed for any reason, a message is logged in the Windows Application Event log, as well as the ExtremeZ-IP log. ExtremeZ-IP will attempt to install the SCP each and every time ExtremeZ-IP is started, until the ExtremeZ-IP administrator executes the ExtremeZ-IP Administrator User Interface application (“the UI”) and unchecks the check box labeled “Register Service Connection Point” on the “Service Discovery” tab of the “Settings” dialog in the UI.

If your configuration doesn’t require the SCP, the ExtremeZ-IP administrator can disable this feature permanently by unchecking this check box in the UI. If this box is unchecked, the ExtremeZ-IP service will uninstall and completely remove our SCP from AD, and it will not attempt to reinstall it until the ExtremeZ-IP administrator checks this check box again in the UI.

If you uninstall ExtremeZ-IP, the uninstall process will try to remove the SCP from AD. This requires that the user running the uninstall utility has Domain Administrator privileges in the AD domain. The uninstall program will display a dialog box to the user if there was an error trying to remove the SCP. In this case, your AD Administrator can manually remove the SCP by running the “Active Directory Users and Computers” MMC snap-in. The AD administrator should navigate to the computer name that has the SCP associated with it and double click that name. The SCP will be displayed with the name of the service, which is usually “ExtremeZ-IP”. Right click that and select “Delete” to remove it.

Alternatively, before running the uninstall program to remove ExtremeZ-IP, the person performing the uninstall can execute the UI one last time, find the “Service Discovery” tab under the “Settings” dialog, and uncheck the “Register Service Connection Point” check box. This will cause the ExtremeZ-IP service to uninstall the SCP. Next, close the UI and proceed with the rest of the uninstall process.

Notes about our SCP:

  • Our SCP does not require or cause an AD ‘schema’ change.
  • Our SCP does get replicated to other AD servers in the forest.
  • ExtremeZ-IP must run under the Local System Account (or a domain administrator account – which is NOT recommended), to be able to install/uninstall its own SCP in Active Directory.
  • To ensure that the information in the SCP is current with what is in the system registry for the ExtremeZ-IP service, we customize the following four containers in the SCP object each time the ExtremeZ-IP service is executed:
     1. Binding Information
          a. We add 5 strings to this container:
               i. AFP_PORT=548
               ii. HTTP_PORT=8081
               iii. SERVICE_NAME=ExtremeZ-IP (unless it’s on a cluster OS)
               iv. SUPPORTS_DFS=NO (unless we do, then it is YES)
               v. HOST_NAME=Fully qualified domain name of this host computer
     2. Version Information
          a. We insert our version numbers for versionHi and versionLo.  For example, 
             in the 6.0 release, versionHi will be “6” and versionLo will be “0” (zero)
     3. Keywords
          a. We add the following keywords to this container:
               i. Keyword 1: Vendor GUID – this value is always
                  "44F3E20C-3D32-4656-9398-9468740F606D".
               ii. Keyword 2: Product GUID – this value is always
                  "6D27D383-E811-4cfa-8440-C8886C800B43".
               iii. Keyword 3: Vendor Name – this value is always “Group Logic Inc.”
               iv. Keyword 4: Product Name – this value is always “ExtremeZ-IP”.
     4. ServiceDNSName – this is the fully qualified domain name of the host machine.

We specify the fully qualified domain name in the binding information and the ServiceDNSName field because the binding information container in the SCP gets replicated along with host (the type “A”) DNS record to other AD servers in the forest, but ServiceDNSName doesn’t.

This information is essential because it enables easier searching of the AD for “all SCPs that have ‘ExtremeZ-IP’ as a service name” – when those are known, the DNS name of each ExtremeZ-IP server is discoverable from a single search.

Tags: