Archive for February, 2009

Why you all want to use DFS – Part 1 Introduction to DFS

24/02/2009 3 comments

Distributed File System (DFS) has been a part of Windows Server for about 10 years now and still a lot of companies and IT Administrators have not yet adopted the features of running DFS in their environment. DFS has so many advantages that I personally haven’t got a clue, why all companies are not using DFS already. That’s why I decided to spread some information about the big advantages in using DFS.

When using a mapped drive letter (mapped to \\server\share) some applications are using the UNC path instead of the drive letter. Is that a problem? YES.
In the future (sometime) the file server has to be replaced with a newer one and the new file server will get a new server name. Then you can use File Server Migration toolkit to copy files, ACL and shares to the new file server, edit login script and all seems ok. But it’s not! Because of the applications using the UNC instead of the drive letter some programs may still be looking for the old file server and links are broken. I have seen these problems a lot of times.

One solution, is to start using Domain based DFS. You’ll experience the same problems as mentioned above, but it will be the last time. When using DFS (always as domain based in my opinion) you’ll be able to access your data through the domain name example \\corp.redsky.local\Data, where the data share is your DFS Namespace (formerly called DFS Root). If DFS is not already installed on your Windows Server 2008 box, then you can add the File Server Role and remember to check Distributed File System.



The wizard now allow us to create the desired Namespace, Data.

Finish the Wizard without creating any Folders.

Before going any further, I recommend that you add another Namespace Server for the Data Namespace. This is done for redundancy.

In the Data Namespace it’s now possible to create a Folder (formerly called links) with a Folder Target. A Folder Target is the actual UNC path to the data, so creating a Folder called Sales with a Folder Target to \\server\share within the Data Namespace, will look like this for the Admin:

..and like this to the user, who has mapped the Data Namespace to drive S. The client will ask the Namespace servers for the path to the Sales data when the user clicks at the sales folder and the client will seamless get redirected to the sales data, where ever they are.

Keep in mind that the Folder Target could be on any server in the company, the user doesn’t see the difference, only the Folder Name is seen. So now you’ll be able to add all your shares to one view in the Data Namespace and already have a bunch of advantages. (It’s possible to create more than one Namespace too).

You’ll only have to map one drive letter, all users will view the data the same way and applications which uses the UNC instead of the drive letter will use \\domainname\namespace and because of that, moving the files between servers is perfectly okay, the Domain Name, Namespace Name and the Folder Names will be the same and all links will be intact.

Replicating files with DFS and DFS-R will be covered in part 2.

Categories: Windows Server

Windows Server 2008 R2 DNSSEC

Today DNS does not offer any form of security (without 3. party software) and is then vulnerable to spoofing, man-in-the-middle and cache poisoning attacks. Attacks of this kind can compromise all future communications to the host or client. For this reason, it has become critical to secure DNS.

Domain Name System Security Extensions (DNSSEC) will be a part of Windows Server 2008 R2.

Read more here.

Categories: Windows Server