Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Speedy Filesharing independent to the users location / DFS?

Posted on 2010-11-09
7
Medium Priority
?
507 Views
Last Modified: 2012-05-10
Hi Experts

We are just setting up a new Resource Topology with 1 Resource Forest spread over 2 locations (US and EU) and 2 Account Forests (US and EU). The Resource Forest locations are different to the office locations.

We would like to put all our Files, redirected folders and user account profiles in the Resource Forest and no matter where the user logs in (US or EU) he/she will always get speedy access to fileshares.

Would DFS be the solution we are looking for?
How would a user from the US Account Forest authenticate in the EU Account Forest?
Which kind of Trust do I need between those two Forests then?

My thought for DFS:
 
Account Forest -------------------------Resource   Forest -----------------------------------Account Forest
US-------------------------------------------US---------EU--------------------------------------------------------EU
User Account --------------------------Share-------Share-----------------------------------------User Account
User Account ------------------------Redirected---Redirected-----------------------------------User Account

Would this work? What is common practise for this?

Thanks for your help in advance
0
Comment
Question by:Dan-IT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 8

Expert Comment

by:PaperTiger
ID: 34096537
What kind of files and what kind of connections do you have?
0
 
LVL 24

Accepted Solution

by:
Awinish earned 2000 total points
ID: 34099620
Authentication happens using site/subnet user belongs to while login to domain. On login to domain, SRV records are query which site user belongs to & it send authentication request to mapped site with subnet the user machine belong to from where he is try to access domain resource.

http://technet.microsoft.com/en-us/library/cc759550%28WS.10%29.aspx
http://activedirectoryfaq.blogspot.com/2007/09/how-kerberos-authentication-works.html

If the two forest is different you can use external forest trust with dns(stubzone,forwarder or secondary zone) & firewall port in place.

If you want user from any forest access resource in any domain of forest two way transitive trust relationship is required.

DFS is the solution for sharing the files & user doesn't have to remember the different server name.

Bandwidth Link will play important role here.
0
 

Author Comment

by:Dan-IT
ID: 34099745
Thanks Guys

It's going to be sharedfiles (spreadsheets, documents, pdfs ect. ), redirected folders and userprofiles.
Bandwidth is more than sufficient I guess. Slowest link will be a 20Mb site to site.

There will be no active user accounts in the Resource Forest. User accounts from Account Forests only access files in the Resource Forest.

Each location (US and EU) has its own Fileserver.
Do I have to put the 2 Fileservers together under one big DFS namespace so when USuser is in the EU, he would get his files from the EU Fileserver in the Resource Forest.
Same with the Redirected Folders. If I set redirected folders via Group Policy to the same namespace for US and EU users. Will that be enough that when USusers login from EU don't have to wait until their files get downloaded over the ocean?


Awinish: Is there an advantage if I put a DC from US into the EU site and vice versa?


Let me know if you have any questions... maybe I'm not explaining correctly what I'm trying to achieve.
0
How Blockchain Is Impacting Every Industry

Blockchain expert Alex Tapscott talks to Acronis VP Frank Jablonski about this revolutionary technology and how it's making inroads into other industries and facets of everyday life.

 
LVL 24

Assisted Solution

by:Awinish
Awinish earned 2000 total points
ID: 34099772
Authentication will be faster because a user who is in US will not have to authenticated by EU which can take time.

Have you heard of Branch Cache, its new feature of windows 2008 R2 & windows 7.

http://www.windowsnetworking.com/articles_tutorials/Introduction-BranchCache-Part1.html

If you put two file server in US & EU it will be better from the point of redundancy & balanced load as both the file server will contain same data & there will be sync in the data from time to time.

Yes,configuring the name in the server is fine.
 
0
 

Author Comment

by:Dan-IT
ID: 34099901
Awinish

BranchCache sounds good. Will look into this.

I'm still concerned having those many files under one DFS Namespace. Is there any reason for concern?

Cheers
Dan

0
 
LVL 24

Expert Comment

by:Awinish
ID: 34100014
I don't think, regular backup & redundancy should remove your concern.


0
 
LVL 8

Expert Comment

by:PaperTiger
ID: 34102002
If you have 20MB, the speed shouldn't be a concern. I run a 3MB line between US-Canada-Mexio, I am still OK.

If it is, you can look into something called WAN Optimization. Many prominent companies make products like that such as CISCO, RiverBed, and Bluecoat. WAN Optimization is a piece of hardware you deploy at each site. It then does compression and caching. The improvement of speed is amazing - about 50% to 200%. It's more impressive on documents like Word, Excel etc. and HTTP traffic.

This is something I am implementing.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Let's recap what we learned from yesterday's Skyport Systems webinar.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question