Part 2 of our Network Remodeling / Redesigning / Restructuring services series
In my previous post Active Directory Design, Optimization, and Automation we discussed how your organization’s Active Directory design acts as the core system in which most other network functions stem from. In this post Network Resource Availability and Data Integrity we will be discussing a few features within Windows Server that every IT administrator should be taking advantage of.
DFS for Network Paths
One feature of Distributed File System (DFS) is that it abstracts the hostname from the UNC paths of a file share into one common namespace for your entire network:
- from paths (UNC examples): \\Server\Accounting (or \\RemoteServer\Customers)
- to paths (DFS examples): \\Company.com\Accounting (\\Company.com\Customers)
Why is this helpful for your resource availability? During network changes and server migrations, having all your shared network resources falling under one top level UNC naming scheme prevents group policy settings, scripts, MSI installation packages, end-user shortcuts, SharePoint paths from breaking. Group policies and scripts can reference the (\\Company.com\Accounting) folder regardless of the server (or servers) where it resides on. The shares can reside on any servers throughout your network (local or remote) and can be easily be manipulated behind the scenes. Pre-staging file server migrations become less complicated and migrating end-users to new servers can happen within minutes utilizing DFS.
DFS for Replicating Data
Another feature of DFS is that it can keep folder replicated between multiple servers:
This Wisconsin manufacturer needed to modernize its IT infrastructure to support rapid business growth.
Discover what they did- Replica at headquarters: \\Server\Public
- Replica at remote office: \\RemoteServer\Public
This is a very handy feature for keeping replicated folders in sync at multiple locations. In addition when end-users at remote locations access the \\Company.com\Share DFS path they will automatically be directed to the nearest server’s replica just as long as a replica exist on that particular server. Your probably thinking – Wow! I can replicate our entire file server to remote servers for an offsite disaster plan, plus end-users can now work much faster because they will be accessing the data directly from their location. This is theoretically true, however one major drawback of DFSR is that it lacks the ability to lock files that are being accessed, and because this feature is missing, DFSR is not recommended to be setup in this fashion. For example, if two users open the same excel spreadsheet there will be a file conflict that will need to be manually fixed (you might have experience this if you ever shared a Dropbox account and tried to work on files simultaneously with another user).
So without getting into too much detail, DFSR is recommended to be setup in a fashion that multiple files access will not become a problem. User Folder Redirection and Roaming Profiles are both good examples were access is generally limited to a single logged on user and will give significant performance benefits to for individuals that work between multiple remote locations. There is a 3rd party software add-on for DFSR I briefly looked into in the past that adds file locking abilities to overcome this limitation. Unfortunately, I cannot comment on it because we never had the opportunity to implement it (more information can be found here: www.peersoftware.com).
Folder Redirection
I feel like other IT engineers may argue with me on this topic, especially once I get into roaming profiles – a topic I will save for a future blog post. Folder redirection from my experience was never a solid feature in older editions of Windows. Matter of fact, at one point in my career I actually home-brewed my own logon script that would run a Robocopy sync operation during logon/logoff of laptop computers to synchronize the users local folders and settings to the network. The built-in Windows file synchronizing operation was simply too slow. But things are much more improved now-a-days. Simply setting up a share on your server with the necessary NTFS permission and creating the Group Policies required to perform the function can easily provide critical backups to all your client computers.
End-user’s Documents, Pictures, Desktop, etc folders are redirected to a designate server share and will be synchronized and available offline. Team this up with your Windows Server or Veeam backup strategy, and now you can have longer backup retention times and offsite backups as well!
FRSR for quotas and file screens
Tired of that one guy dumping his entire MP3 collection on his network drive and wreaking havoc? Simply setting file screens on network shares can allow for significant storage savings on public share and redirected folders. Some common file types I like to screen for are (.exe, .mp3, .mp4, .ipa, .ost, .iso, thumbs.db, DS_Store, and Desktop.ini). In addition, quotas can also be implemented to force end-users to perform house cleaning on all their limited storage capacity.
Setup volume shadow copies
Another feature that can easily be enabled that can add a safety net to incremental file changes throughout the day. When file shares are protected by shadow copy service, snapshots are taken periodically throughout the day of network shares, and previous versions of files are saved. For instance, when a word document on a network share is changed a pervious version of the file is automatically retained.
Related Articles
Overview: Network Remodeling/Redesigning/Restructuring Services
Part 1: Active Directory Design, Optimization, and Automation
Part 3: Client OS Deployments & Management