Solved

Speedy Filesharing independent to the users location / DFS?

Posted on 2010-11-09
7
504 Views
Last Modified: 2012-05-10
Hi Experts

We are just setting up a new Resource Topology with 1 Resource Forest spread over 2 locations (US and EU) and 2 Account Forests (US and EU). The Resource Forest locations are different to the office locations.

We would like to put all our Files, redirected folders and user account profiles in the Resource Forest and no matter where the user logs in (US or EU) he/she will always get speedy access to fileshares.

Would DFS be the solution we are looking for?
How would a user from the US Account Forest authenticate in the EU Account Forest?
Which kind of Trust do I need between those two Forests then?

My thought for DFS:
 
Account Forest -------------------------Resource   Forest -----------------------------------Account Forest
US-------------------------------------------US---------EU--------------------------------------------------------EU
User Account --------------------------Share-------Share-----------------------------------------User Account
User Account ------------------------Redirected---Redirected-----------------------------------User Account

Would this work? What is common practise for this?

Thanks for your help in advance
0
Comment
Question by:Dan-IT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 8

Expert Comment

by:PaperTiger
ID: 34096537
What kind of files and what kind of connections do you have?
0
 
LVL 24

Accepted Solution

by:
Awinish earned 500 total points
ID: 34099620
Authentication happens using site/subnet user belongs to while login to domain. On login to domain, SRV records are query which site user belongs to & it send authentication request to mapped site with subnet the user machine belong to from where he is try to access domain resource.

http://technet.microsoft.com/en-us/library/cc759550%28WS.10%29.aspx
http://activedirectoryfaq.blogspot.com/2007/09/how-kerberos-authentication-works.html

If the two forest is different you can use external forest trust with dns(stubzone,forwarder or secondary zone) & firewall port in place.

If you want user from any forest access resource in any domain of forest two way transitive trust relationship is required.

DFS is the solution for sharing the files & user doesn't have to remember the different server name.

Bandwidth Link will play important role here.
0
 

Author Comment

by:Dan-IT
ID: 34099745
Thanks Guys

It's going to be sharedfiles (spreadsheets, documents, pdfs ect. ), redirected folders and userprofiles.
Bandwidth is more than sufficient I guess. Slowest link will be a 20Mb site to site.

There will be no active user accounts in the Resource Forest. User accounts from Account Forests only access files in the Resource Forest.

Each location (US and EU) has its own Fileserver.
Do I have to put the 2 Fileservers together under one big DFS namespace so when USuser is in the EU, he would get his files from the EU Fileserver in the Resource Forest.
Same with the Redirected Folders. If I set redirected folders via Group Policy to the same namespace for US and EU users. Will that be enough that when USusers login from EU don't have to wait until their files get downloaded over the ocean?


Awinish: Is there an advantage if I put a DC from US into the EU site and vice versa?


Let me know if you have any questions... maybe I'm not explaining correctly what I'm trying to achieve.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 24

Assisted Solution

by:Awinish
Awinish earned 500 total points
ID: 34099772
Authentication will be faster because a user who is in US will not have to authenticated by EU which can take time.

Have you heard of Branch Cache, its new feature of windows 2008 R2 & windows 7.

http://www.windowsnetworking.com/articles_tutorials/Introduction-BranchCache-Part1.html

If you put two file server in US & EU it will be better from the point of redundancy & balanced load as both the file server will contain same data & there will be sync in the data from time to time.

Yes,configuring the name in the server is fine.
 
0
 

Author Comment

by:Dan-IT
ID: 34099901
Awinish

BranchCache sounds good. Will look into this.

I'm still concerned having those many files under one DFS Namespace. Is there any reason for concern?

Cheers
Dan

0
 
LVL 24

Expert Comment

by:Awinish
ID: 34100014
I don't think, regular backup & redundancy should remove your concern.


0
 
LVL 8

Expert Comment

by:PaperTiger
ID: 34102002
If you have 20MB, the speed shouldn't be a concern. I run a 3MB line between US-Canada-Mexio, I am still OK.

If it is, you can look into something called WAN Optimization. Many prominent companies make products like that such as CISCO, RiverBed, and Bluecoat. WAN Optimization is a piece of hardware you deploy at each site. It then does compression and caching. The improvement of speed is amazing - about 50% to 200%. It's more impressive on documents like Word, Excel etc. and HTTP traffic.

This is something I am implementing.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question