msgexpert
asked on
How best to setup DFS in our Disaster Recover Environment
Currently we are running Microsoft Windows 2003 DFS in our production environment.
We have only one DFS root (i.e. mycompany.com\DFS) and I'm pretty sure that the root is a DOMAIN ROOT where the DFS information is stored in AD and copies of the DFS referral information is stored on local root targets that are not domain controllers.
When we conduct a disaster recover (DR) test we use a VM-hosted clone of a production domain controller in an isolated network environment and we assume that this cloned DC has a copy of the DFS information stored in AD. Unfortunately, since none of the root targets exist in the isolated environment we're not getting DFS name resolutions for applications in the test that have imbedded references to DFS shares.
Since the servers involved in our DR tests vary from test to test we were wondering if we can change DFS to allow the cloned DC to resolve DFS references or whether it would be best to create a new root target on one of the member server involved in the test? Granted, neither method exactly mirrors production but allowing the DC to resolve DFS referrals removes the potential of DFS being blamed for a testing failure if the failure involved the server that we turned into a DFS root target. If we can configure the DC to handle DFS references, what do we need to do to allow this since DFS already has existing root targets that are inaccessible?
Any help would be appreciated.
We have only one DFS root (i.e. mycompany.com\DFS) and I'm pretty sure that the root is a DOMAIN ROOT where the DFS information is stored in AD and copies of the DFS referral information is stored on local root targets that are not domain controllers.
When we conduct a disaster recover (DR) test we use a VM-hosted clone of a production domain controller in an isolated network environment and we assume that this cloned DC has a copy of the DFS information stored in AD. Unfortunately, since none of the root targets exist in the isolated environment we're not getting DFS name resolutions for applications in the test that have imbedded references to DFS shares.
Since the servers involved in our DR tests vary from test to test we were wondering if we can change DFS to allow the cloned DC to resolve DFS references or whether it would be best to create a new root target on one of the member server involved in the test? Granted, neither method exactly mirrors production but allowing the DC to resolve DFS referrals removes the potential of DFS being blamed for a testing failure if the failure involved the server that we turned into a DFS root target. If we can configure the DC to handle DFS references, what do we need to do to allow this since DFS already has existing root targets that are inaccessible?
Any help would be appreciated.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The DFS on the DCs has the information for the targets. IF the target is not available/does not exist, there is nothing the referal goes no where.
You could if the DC itself was also a target for the share. This way when you are in an isolated environement, there would at least be one target present.
The DFS depends on your setup as well as the version of your win2k3 (R2 has DFS replication which is superior to the NtFRS). Do you have DFS setup as a mesh, weighted or load-balanced?