Solved

Speedy Filesharing independent to the users location / DFS?

Posted on 2010-11-09
7
500 Views
Last Modified: 2012-05-10
Hi Experts

We are just setting up a new Resource Topology with 1 Resource Forest spread over 2 locations (US and EU) and 2 Account Forests (US and EU). The Resource Forest locations are different to the office locations.

We would like to put all our Files, redirected folders and user account profiles in the Resource Forest and no matter where the user logs in (US or EU) he/she will always get speedy access to fileshares.

Would DFS be the solution we are looking for?
How would a user from the US Account Forest authenticate in the EU Account Forest?
Which kind of Trust do I need between those two Forests then?

My thought for DFS:
 
Account Forest -------------------------Resource   Forest -----------------------------------Account Forest
US-------------------------------------------US---------EU--------------------------------------------------------EU
User Account --------------------------Share-------Share-----------------------------------------User Account
User Account ------------------------Redirected---Redirected-----------------------------------User Account

Would this work? What is common practise for this?

Thanks for your help in advance
0
Comment
Question by:Dan-IT
  • 3
  • 2
  • 2
7 Comments
 
LVL 8

Expert Comment

by:PaperTiger
ID: 34096537
What kind of files and what kind of connections do you have?
0
 
LVL 24

Accepted Solution

by:
Awinish earned 500 total points
ID: 34099620
Authentication happens using site/subnet user belongs to while login to domain. On login to domain, SRV records are query which site user belongs to & it send authentication request to mapped site with subnet the user machine belong to from where he is try to access domain resource.

http://technet.microsoft.com/en-us/library/cc759550%28WS.10%29.aspx
http://activedirectoryfaq.blogspot.com/2007/09/how-kerberos-authentication-works.html

If the two forest is different you can use external forest trust with dns(stubzone,forwarder or secondary zone) & firewall port in place.

If you want user from any forest access resource in any domain of forest two way transitive trust relationship is required.

DFS is the solution for sharing the files & user doesn't have to remember the different server name.

Bandwidth Link will play important role here.
0
 

Author Comment

by:Dan-IT
ID: 34099745
Thanks Guys

It's going to be sharedfiles (spreadsheets, documents, pdfs ect. ), redirected folders and userprofiles.
Bandwidth is more than sufficient I guess. Slowest link will be a 20Mb site to site.

There will be no active user accounts in the Resource Forest. User accounts from Account Forests only access files in the Resource Forest.

Each location (US and EU) has its own Fileserver.
Do I have to put the 2 Fileservers together under one big DFS namespace so when USuser is in the EU, he would get his files from the EU Fileserver in the Resource Forest.
Same with the Redirected Folders. If I set redirected folders via Group Policy to the same namespace for US and EU users. Will that be enough that when USusers login from EU don't have to wait until their files get downloaded over the ocean?


Awinish: Is there an advantage if I put a DC from US into the EU site and vice versa?


Let me know if you have any questions... maybe I'm not explaining correctly what I'm trying to achieve.
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 24

Assisted Solution

by:Awinish
Awinish earned 500 total points
ID: 34099772
Authentication will be faster because a user who is in US will not have to authenticated by EU which can take time.

Have you heard of Branch Cache, its new feature of windows 2008 R2 & windows 7.

http://www.windowsnetworking.com/articles_tutorials/Introduction-BranchCache-Part1.html

If you put two file server in US & EU it will be better from the point of redundancy & balanced load as both the file server will contain same data & there will be sync in the data from time to time.

Yes,configuring the name in the server is fine.
 
0
 

Author Comment

by:Dan-IT
ID: 34099901
Awinish

BranchCache sounds good. Will look into this.

I'm still concerned having those many files under one DFS Namespace. Is there any reason for concern?

Cheers
Dan

0
 
LVL 24

Expert Comment

by:Awinish
ID: 34100014
I don't think, regular backup & redundancy should remove your concern.


0
 
LVL 8

Expert Comment

by:PaperTiger
ID: 34102002
If you have 20MB, the speed shouldn't be a concern. I run a 3MB line between US-Canada-Mexio, I am still OK.

If it is, you can look into something called WAN Optimization. Many prominent companies make products like that such as CISCO, RiverBed, and Bluecoat. WAN Optimization is a piece of hardware you deploy at each site. It then does compression and caching. The improvement of speed is amazing - about 50% to 200%. It's more impressive on documents like Word, Excel etc. and HTTP traffic.

This is something I am implementing.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question