Re: DFS replication of user profiles and home directories

From: Dave Shaw [MVP] (dhshaw_at_NoSpam.msn.com)
Date: 08/18/04 

Date: Wed, 18 Aug 2004 06:35:43 -0400

<Inline comments>

"Gordon Fecyk" <gordonf@pan-am.ca> wrote in message
news:eeT4W0MhEHA.140@TK2MSFTNGP12.phx.gbl...
> Back in May 2004 a gentleman named "ptwilliams" game me some pointers on
> setting up roving user profiles that can rove between locations, ie:
> between
> branch offices. I was able to create a DFS root share, replicate it
> between
> two DCs, and set up a user's home directory and profile on it. The user's
> profile and home shares looked something like this:
>
> \\example.com\dfsroot\users\%username%
> \\example.com\dfsroot\profiles\%username%
>
> When I create a user using these folders, it creates the folders with the
> correct permissions. I checked each DC's copy of the dfsroot share and
> everything gets replicated properly including the permissions. The trick
> now is to ensure that workstations (All Win2K Pro SP4) use the nearest DC
> for copies of the dfsroot, and therefore its profiles and home shares.

This is done by creating sites and placing the workstations and prefered DCs
in the same site. Once done, the workstations will select (by cost) the
closest DC.

> So far, so good, but ptwilliams recommended that I restrict the number of
> DCs to "one per site." Right now, the domain which I'll keep calling
> example.com has just one site, the "Default-First-Site-Name," and I've
> added
> a subnet for each office to this site. In this case the subnets are:
>
> 10.0.1.0/26
> 10.0.1.64/26

This will work, but what you should really be more concerned about is the
inter-site traffic. Once the content has arrived at the DC in a remote
site, the hard work is all done. Since a site is defined as a collection of
subnet objects sharing relatively high bandwidth, you could very easily
extend the DFS to other DCs in that site without issues.

> Once I've replicated everything I need, I'll move the new DC to
> 10.0.1.64/26. The first DC, which happens to be a SBS2000 machine and is
> "king of the DS forest" as such, is in 10.0.1.0/26. Routing is taken care
> of through VPN routers.
>
> Now, do I need to create a new site in Active Directory Sites and Services
> for each office, and in turn each subnet, and then move each DC to its own
> site? Or is it adequate to define these subnets in a single site and just
> have one DC in each subnet? All I need to make sure of is the
> workstations
> use the closest DC for their logon server, logon scripts and local DFS
> replica.

Create a site for each area that qualifies as a "LAN" or area of relatively
high-quality connectivity. Create subnet objects that match the network for
that area. Computers with IP addresses that fall within the scope of the
subnets you create will automatically be associated with the site those
subnets are in.

You really only need to have one DFS in each site to accomplish what you
want. Any client within that site will automatically prefer the DFS in its
own site. Failing that, it will prefer a DFS in the next closest site
(according to cost - and as long as the AD is 2003).

Keep in mind that you don't necessarily need to use a DC for this. DFS will
replicate to member servers in an Active Directory.

> Each DC at each office will have its own DHCP services, and settings which
> point to itself as the primary DNS server, so the machines on a given
> subnet
> should use that subnet's DC as its primary DNS server.

This isn't necessary either. You could mount 2 DHCP servers in the central
office that could serve the entire enterprise and simply enable BootP across
your routers. All clients will gain addresses from a much simpler and more
managable source. Ensure the leases are long enough to ensure clients keep
leases for at least as long as any percieved WAN outages.

-ds

Relevant Pages

  • DFS replication of user profiles and home directories
    ... setting up roving user profiles that can rove between locations, ... I was able to create a DFS root share, replicate it between ... and therefore its profiles and home shares. ... a subnet for each office to this site. ...
    (microsoft.public.win2000.active_directory)
  • Re: Question if you can synch profiles
    ... I heard of DFS replication, but not too familiar with it, how does it work ... You can sync anything, including roaming profiles. ... You can use DFS ... credentials (based on the Slow Network Detection). ...
    (microsoft.public.windows.group_policy)
  • RE: DFS replication w/ Folder Redirection + Roaming User Profiles
    ... XP Client Roaming Profiles using DFS and FRS are not supported ... DFS replication w/ Folder Redirection + Roaming User Profiles ...
    (microsoft.public.windows.file_system)
  • Re: Quick FRS question
    ... if the local Dfs server is very busy, the Dfs client will go to another one. ... I'm having this problem, and I have different subnets, but 1/4 the time my computers choose a DFS root that is in the wrong subnet. ... I don't know very much about DNS, so if you could explain how to check if subnet priority is on, and how to set up those multiple records for my domain, it would be greatly appreciated. ...
    (microsoft.public.windows.server.active_directory)
  • RE: DFS replication w/ Folder Redirection + Roaming User Profiles
    ... XP Client Roaming Profiles using DFS and FRS are not supported ... DFS replication w/ Folder Redirection + Roaming User Profiles ...
    (microsoft.public.windows.file_system)