DFS replication of user profiles and home directories

From: Gordon Fecyk (gordonf_at_pan-am.ca)
Date: 08/18/04


Date: Tue, 17 Aug 2004 21:43:25 -0500

Back in May 2004 a gentleman named "ptwilliams" gave me some pointers on
setting up roving user profiles that can rove between locations, i.e., between
branch offices. I was able to create a DFS root share, replicate it between
two DCs, and set up a user's home directory and profile on it. The user's
profile and home shares looked something like this:

\\example.com\dfsroot\users\%username%
\\example.com\dfsroot\profiles\%username%

When I create a user using these folders, it creates the folders with the
correct permissions. I checked each DC's copy of the dfsroot share and
everything gets replicated properly including the permissions. The trick
now is to ensure that workstations (all Win2K Pro SP4) use the nearest DC
for copies of the dfsroot, and therefore its profiles and home shares.

So far, so good, but ptwilliams recommended that I restrict the number of
DCs to "one per site." Right now, the domain which I'll keep calling
example.com has just one site, the "Default-First-Site-Name," and I've added
a subnet for each office to this site. In this case the subnets are:

10.0.1.0/26
10.0.1.64/26

Once I've replicated everything I need, I'll move the new DC to
10.0.1.64/26. The first DC, which happens to be an SBS2000 machine and is
"king of the DS forest" as such, is in 10.0.1.0/26. Routing is taken care
of through VPN routers.

Now, do I need to create a new site in Active Directory Sites and Services
for each office, and in turn each subnet, and then move each DC to its own
site? Or is it adequate to define these subnets in a single site and just
have one DC in each subnet? All I need to make sure of is the workstations
use the closest DC for their logon server, logon scripts and local DFS
replica.

Each DC at each office will have its own DHCP services, and settings which
point to itself as the primary DNS server, so the machines on a given subnet
should use that subnet's DC as their primary DNS server.

-- 
PGP key (0x0AFA039E): <http://www.pan-am.ca/consulting@pan-am.ca.asc>
What's a PGP Key?  See <http://www.pan-am.ca/free.html>
GOD BLESS AMER, er, THE INTERNET. <http://vmyths.com/rant.cfm?id=401&page=4>

