Solved

Speedy Filesharing independent to the users location / DFS?

Posted on 2010-11-09
7
503 Views
Last Modified: 2012-05-10
Hi Experts

We are just setting up a new Resource Topology with 1 Resource Forest spread over 2 locations (US and EU) and 2 Account Forests (US and EU). The Resource Forest locations are different to the office locations.

We would like to put all our Files, redirected folders and user account profiles in the Resource Forest and no matter where the user logs in (US or EU) he/she will always get speedy access to fileshares.

Would DFS be the solution we are looking for?
How would a user from the US Account Forest authenticate in the EU Account Forest?
Which kind of Trust do I need between those two Forests then?

My thought for DFS:
 
Account Forest -------------------------Resource   Forest -----------------------------------Account Forest
US-------------------------------------------US---------EU--------------------------------------------------------EU
User Account --------------------------Share-------Share-----------------------------------------User Account
User Account ------------------------Redirected---Redirected-----------------------------------User Account

Would this work? What is common practise for this?

Thanks for your help in advance
0
Comment
Question by:Dan-IT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 8

Expert Comment

by:PaperTiger
ID: 34096537
What kind of files and what kind of connections do you have?
0
 
LVL 24

Accepted Solution

by:
Awinish earned 500 total points
ID: 34099620
Authentication happens using site/subnet user belongs to while login to domain. On login to domain, SRV records are query which site user belongs to & it send authentication request to mapped site with subnet the user machine belong to from where he is try to access domain resource.

http://technet.microsoft.com/en-us/library/cc759550%28WS.10%29.aspx
http://activedirectoryfaq.blogspot.com/2007/09/how-kerberos-authentication-works.html

If the two forest is different you can use external forest trust with dns(stubzone,forwarder or secondary zone) & firewall port in place.

If you want user from any forest access resource in any domain of forest two way transitive trust relationship is required.

DFS is the solution for sharing the files & user doesn't have to remember the different server name.

Bandwidth Link will play important role here.
0
 

Author Comment

by:Dan-IT
ID: 34099745
Thanks Guys

It's going to be sharedfiles (spreadsheets, documents, pdfs ect. ), redirected folders and userprofiles.
Bandwidth is more than sufficient I guess. Slowest link will be a 20Mb site to site.

There will be no active user accounts in the Resource Forest. User accounts from Account Forests only access files in the Resource Forest.

Each location (US and EU) has its own Fileserver.
Do I have to put the 2 Fileservers together under one big DFS namespace so when USuser is in the EU, he would get his files from the EU Fileserver in the Resource Forest.
Same with the Redirected Folders. If I set redirected folders via Group Policy to the same namespace for US and EU users. Will that be enough that when USusers login from EU don't have to wait until their files get downloaded over the ocean?


Awinish: Is there an advantage if I put a DC from US into the EU site and vice versa?


Let me know if you have any questions... maybe I'm not explaining correctly what I'm trying to achieve.
0
Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

 
LVL 24

Assisted Solution

by:Awinish
Awinish earned 500 total points
ID: 34099772
Authentication will be faster because a user who is in US will not have to authenticated by EU which can take time.

Have you heard of Branch Cache, its new feature of windows 2008 R2 & windows 7.

http://www.windowsnetworking.com/articles_tutorials/Introduction-BranchCache-Part1.html

If you put two file server in US & EU it will be better from the point of redundancy & balanced load as both the file server will contain same data & there will be sync in the data from time to time.

Yes,configuring the name in the server is fine.
 
0
 

Author Comment

by:Dan-IT
ID: 34099901
Awinish

BranchCache sounds good. Will look into this.

I'm still concerned having those many files under one DFS Namespace. Is there any reason for concern?

Cheers
Dan

0
 
LVL 24

Expert Comment

by:Awinish
ID: 34100014
I don't think, regular backup & redundancy should remove your concern.


0
 
LVL 8

Expert Comment

by:PaperTiger
ID: 34102002
If you have 20MB, the speed shouldn't be a concern. I run a 3MB line between US-Canada-Mexio, I am still OK.

If it is, you can look into something called WAN Optimization. Many prominent companies make products like that such as CISCO, RiverBed, and Bluecoat. WAN Optimization is a piece of hardware you deploy at each site. It then does compression and caching. The improvement of speed is amazing - about 50% to 200%. It's more impressive on documents like Word, Excel etc. and HTTP traffic.

This is something I am implementing.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question