Ahmed Hussein Online

Active Directory Rights Management Services (AD RMS ) : Part 7 ( Create a DFS Share)

March 5th, 2011

this this post we will see how to create a distributed file system (DFS) so that our RMS templates will be always online

Note: there is other methods to do this like DNS round robin and manually maintain the file share path on the RMS servers , or store the template inside the netlogin or the sysvol  folder on any Domain and it will be replicated after all its only few KB

 

a bit about DFS

Distributed File System (DFS) Namespaces and DFS Replication offer simplified, highly-available access to files, load sharing, and WAN-friendly replication. In the Windows Server® 2003 R2 operating system, Microsoft revised and renamed DFS Namespaces (formerly called DFS), replaced the Distributed File System snap-in with the DFS Management snap-in, and introduced the new DFS Replication feature. In the Windows Server® 2008 operating system, Microsoft added the Windows Server 2008 mode of domain-based namespaces and added a number of usability and performance improvements.

What does Distributed File System (DFS) do?

The Distributed File System (DFS) technologies offer wide area network (WAN)-friendly replication as well as simplified, highly-available access to geographically dispersed files. The two technologies in DFS are the following:

  • DFS Namespaces. Enables you to group shared folders that are located on different servers into one or more logically structured namespaces. Each namespace appears to users as a single shared folder with a series of subfolders. This structure increases availability and automatically connects users to shared folders in the same Active Directory Domain Services site, when available, instead of routing them over WAN connections.
  • DFS Replication. DFS Replication is an efficient, multiple-master replication engine that you can use to keep folders synchronized between servers across limited bandwidth network connections. It replaces the File Replication Service (FRS) as the replication engine for DFS Namespaces, as well as for replicating the AD DS SYSVOL folder in domains that use the Windows Server 2008 domain functional level.

Who will be interested in this feature?

Administrators of large networks who want to organize and increase the availability of shared folders by creating a namespace and administrators who want to keep folders synchronized between servers in an efficient manner by using DFS Replication will be interested in this feature.

What new functionality does this feature provide?

DFS in Windows Server 2008 is implemented as a role service of the File Services role. The Distributed File System role service consists of two child role services:

  • DFS Namespaces
  • DFS Replication

To manage DFS Namespaces and DFS Replication on a computer running Windows Server 2008, you can use the DFS Management snap-in hosted by Server Manager, or you can use the DFS Management snap-in from the Administrative Tools folder.

The following sections describe the individual changes in DFS Namespaces and DFS Replication for Windows Server 2008.

What new functionality is provided by DFS Namespaces?

DFS Namespaces in Windows Server 2008 includes the following changes.

Access-based enumeration

Access-based enumeration allows users to see only files and folders on a file server to which they have permission to access. This feature is not enabled by default for namespaces (though it is enabled by default on newly-created shared folders in Windows Server 2008), and is only supported in a DFS namespace when the namespace is a standalone namespace hosted on a computer running Windows Server 2008, or a domain-based namespace by using the Windows Server 2008 mode.

Cluster support

DFS Namespaces in Windows Server 2008 supports creating stand-alone namespaces on a failover cluster from within the DFS Management snap-in. To do so, specify a failover cluster on the Namespace Server page of the New Namespace Wizard.

Windows Server 2008 mode domain-based namespaces

Windows Server 2008 includes the ability to create a domain-based namespace in Windows Server 2008 mode. Doing so enables support for access-based enumeration and increased scalability. The domain-based namespace introduced in Windows® 2000 Server is now referred to as "domain-based namespace (Windows 2000 Server mode)."

To use the Windows Server 2008 mode, the domain and domain-based namespace must meet the following minimum requirements:

  • The forest uses the Windows Server 2003 or higher forest functional level.
  • The domain uses the Windows Server 2008 or higher domain functional level.
  • All namespace servers are running Windows Server 2008.

If your environment supports it, choose the Windows Server 2008 mode when you create new domain-based namespaces. This mode provides additional features and scalability, and also eliminates the possible need to migrate a namespace from the Windows 2000 Server mode.

 

What new functionality is provided by DFS Replication?

DFS Replication in Windows Server 2008 includes the following changes.

Content Freshness

DFS Replication in Windows Server 2008 has a new feature called Content Freshness, which prevents a server that was offline for a long time from over-writing fresh data when it comes back online with stale (out-of-date) data.

Improvements for handling unexpected shutdowns

In Windows Server 2008, DFS Replication now allows for quicker recovery from unexpected shutdowns. Unexpected shutdowns can occur because of the following reasons:

  • Unexpected shutdown of DFS Replication: This could occur if the DFS Replication process crashes, is ended, or stops because there are insufficient resources.
  • Unexpected shutdown of the computer: This could occur if the computer crashes or loses power while DFS Replication is running.
  • Unexpected shutdown of the volume: This could occur if the volume hosting a DFS Replication content set loses power, is disconnected, or is forced to dismount.

Unexpected shutdowns of the computer and the volume can cause the NTFS file system to lose changes which have not been copied to disk. Therefore the DFS Replication database can become inconsistent with the on-disk file system state.

On Windows Server 2003 R2, an unexpected shutdown may force DFS Replication to perform a complete database rebuild, which can be very time consuming. DFS Replication in Windows Server 2008 usually does not need to rebuild the database following unexpected shutdowns, and thus recovers much more quickly.

 

if you still have questions about DFS I recommend that you read  The Basics of the Windows Server 2008 Distributed File System (DFS) blog post from Jose Barreto blog

 

Creating a namespace and replication group to replicate the templates

clip_image002

clip_image004

clip_image006

clip_image008

clip_image010

I am running on windows 2003 AD mode so 2008 DFS mode unavailable

clip_image012

clip_image014

we add the second node

clip_image016

clip_image018

clip_image020

clip_image022

clip_image024

clip_image026

Now we set the folder location

clip_image028

clip_image030

Next step we set the needed permission for the RMS cluster to access the share

clip_image032

changing the NTFS permission is needed only on one node as it will be replicated to the other node

clip_image034

 

Note : you can force the offline files policy on this folders so that clients can use the template from outside the organization

next we set the file location for the templates

clip_image036

 

Next step importing the ADM files for Microsoft office and point it to the Template share location

You can download the office 2010 adm files from (http://www.microsoft.com/downloads/en/details.aspx?FamilyID=64b837b6-0aa0-4c07-bc34-bec3990a7956&displaylang=en )

clip_image038

clip_image040

Related Posts

Tags: , ,
Posted in RMS, Windows Server

Leave a Reply

CAPTCHA Image
*