Solved

Load Balancing ?

Posted on 2014-04-05
5
271 Views
Last Modified: 2014-04-12
Hello gurus

I have a domain controller with the following settings on it. (It is a virtual Image on Hyper-V 2012 R2

I have the home folders for the users on that DC and I have a legacy application that is running on it.
Unfortunately the application can not be moved (or the least to say is that it would be difficult to.

I have sometimes bottleneck on the server due to heavy network load due to users copying from their homefolders videos and large pictures.. as well as the application that suffers the performance then...

I was exploring the option to create another VM  ,install windows 2012 R2 on it and just make it for the homefolders for the users.
Do u think it will help "splitting" the load ? If yes how can I change by script the homefolders of users and instead of it being \\data-srv1\users\UserXX to becomde \\Data-srv2\users\UserXX
Can I do this without "breaking" my Active Directory and keep my security rights for each homefolders ?

Thanks
If not what can I do ?
0
Comment
Question by:ammounpierre
  • 3
  • 2
5 Comments
 
LVL 35

Expert Comment

by:Mahesh
ID: 39980368
If users are copy \ pasting large files, your server will be impacted
No matter you use existing DC \ new virtual machine, load will be there always

Its good idea to separate home drives from DC so that at least DC will run without copy\paste load

In reality you should move those home drives to some high end file server (Physical \ virtual) ....with at least 1 GBPS physical network card
The definition of high end file server is in terms of high speed disk (15K rpm) with at least 4 core CPU and 8GB of Ram

if your Hyper-V host is already loaded with full of virtual machines, then its recommended to have separate physical server \ virtual server on another host with less load.

To move your home drives now, during

Now to move your home drive:

What is the size of Home drives ?

The one approach with little or no downtime could be build new server with enough disk space
Create one shared folder on new server with authenticate users granting change share permissions

Then one by one take ownership of original user home directory folder on old server and grant administrator and that user full control on home directory so that user access to original home directory will remain intact
Start copying users home directories one by one from old server to new server share
After completing copy process, change home directory path for affected user in active directory to reflect new path. Active directory will tell you that target folder already exists, do you want to continue, click yes...
Note that keep source home directory name same on target server.
For ex:
old path :  \\server1\homedrives\user1
new path: \\server2\homedrives\user1

Don't do this activity on bulk, do it one by one to avoid downtime, access issues because in order to copy home drives you would require to take folder ownership and if you taken ownership of root folder for bulk copy process, all other users will lose access to there home directories because changing ownership will \ may probably revoke user access some times.

Mahesh.
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39980406
If your data size is too big, then probably you can use windows server backup to backup  home directory root folder along with home directories and restore it on target server
OR
You may use robocopy to copy data across from source to destination to ensure that permissions of home directories are restored as well

The syntax of Robocopy:
Robocopy <source path> <Destination Path> /mir /sec /Copyall /e /zb /Log+:C:\Copylogfile.log
robocopy \\server1\homedrives \\server2\homedrives /mir /sec /copyall /e /zb /log+:C:copy.log

Open in new window


But still I think you would require ownership of home directories root folder other wise you will get access denied error during copy most probably

If you wanted to take ownership in bulk then you can do that on home directories root folder by selecting replace owner option in advanced security tab of root folder
This will probably revoke other users access to their home drive
now you need to copy data with robocopy as suggested above
Then you need to restore user access to individual restored home folders

Then share new root folder (Copied above) and grant authenticated users change share permissions

Also then you can change all home drives of users from old path to new path in bulk
You can collect all users at one place by simply running saved query if your users are scattered in multiple OUs
If they all are in same OUs then its very simple
Just select all users and right click and go to properties \ profiles tab
There change home drive path with new one with variable
Ex: \\server2\HomeDrives\%username%
Note that destination home drive folders must be resolved to above format, otherwise it will create new home directory on destination.

Mahesh.
0
 

Author Comment

by:ammounpierre
ID: 39980692
Mahesh, thanks for the load of info. Here is what I will be doing (just to recap your suggestions).

I am to build a new server with enough RAM on it (8 or 16GB) with 4 Cores at least.
I would be a member server and not a DC.
I will name that server data2-srv (instead of Data1-srv the actual server)
Next I will be using Robocopy feature (/SEC /Copyall) to copy the users folders (home folders) from data1-srv to data2-srv.
Once this done (I will do it overnight) , I can go to the OU (I have only 2) and change the homefolder property for all from \\data1-srv\users\%username% to data2-srv\users\%Username

then I after testing that it works, I can safely delete the folder from Data1-srv (users folder and sub-folders)

Regarding the security I think it won't be complicated (pls correct me) since I will be doing is running as domain admin.
My security settings now is that each the domain admin has full access to users folders and each user has full access to his folder only (and a shared one among all)

One a different note ,do u think DFS will help in the load balance or it is "only" for redundancy ?

Thanks
0
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39981096
Ok
The basic purpose of DFS is redundancy and it should not be used as load balancing because normally DFS is used between two sites and DFS replicated folder remains on server in both sites so that in case server gone down in 1st site, it will get connected to 2nd server in another site
DFS is AD site aware application and by default users will get connected to local AD site DFS server 1st and if tat server get down they will connected to next available server
However you can keep multiple DFS replica within same site, it will use DNS round robin technic to load balance home drive connections, but in that case your home drive path should be like below
Ex: \\domain.com\HomeDrives is your DFS Root Name space and then below are folder targets under root name space
\\Server1\Userdata\user1
\\Server2\Userdata\user1 (Replica)
Now in AD user properties\Profile tab you have to specify \\Domain.com\HomeDrives\user1 so that user will get connected to any available server
Also you need to add both servers as name space servers in DFS so that if one name space server get down DFS will allow you to connect through another name space server

The ideally this requires 4 servers as below to achieve load balancing and redundancy at replica level and name space level
2 Name space servers
2 DFS replica servers
However you can have TWO servers both acting as name space server and replica servers as well

Now to coming at 1st point
U are right, you can build member server with 4 Cores CPU + 8GB RAM + 15K speed Disks

Now regarding permissions, 1st check if you are able to traverse \ drill down to last folder under home drives, then only you can copy all Home drives with Robocopy
Hopefully administrators will have full Control on all home directories including root folder (I have seen, With roaming profiles access issues are there due to ownership, but its should not be the case here hopefully)
However, If you get any access denied issues during copy, then you must take ownership of home directories root folder with replace owner on sub containers option.
Also then on destination home directory folder you need to assign respective user full control rights manually

Also after copying all home directories including root directory overnight you need to grant authenticated users change share permissions on root folder
http://support.microsoft.com/kb/555046

lastly you should use /mir switch also to mirror existing directory structure

Ex:
On server2 (Destination Server you can run robocopy to copy data from source as below

Robocopy \\server1\HomeDrives D:\Homedrives /e /zb /Copyall /mir /sec /log+:D:\Copylogs.log

Open in new window


This will create \ copy new HomeDrives folder and all sub folders with files on server2

Mahesh.
0
 

Author Comment

by:ammounpierre
ID: 39984786
Mahesh
I have experimented with one user and it works fine.
As a matter of fact that user is now opening his Z:\ Folder (Home folder) much faster than the others... It is instantaneous whereas the others, there is a 1-2 second latency....
Placebo effect ?

I will continue with the others today and post the results here.
Thanks again
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Folder size tool 6 61
Changing password complexity on domain 1 13
Driver issue after bare metal recovery 1 15
Multiple Domains 8 20
Recently, I was assigned the task of performing a hardware refresh in the datacenter. The previous Windows 2008 systems were connected to the SAN via fiber channel HBA’s and among other thing, had PowerPath installed in order to provide sufficient f…
This article will review the basic installation and configuration for Windows Software Update Services (WSUS) in a Windows 2012 R2 environment.  WSUS is a Microsoft tool that allows administrators to manage and control updates to be approved and ins…
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now