DFS shares
-
@TAHIN said in DFS shares:
Glad you got it. I'd recommend adding every DC as a namespace server. It provides redundancy for remotely connected machines. DFS lives in the domain, so you want to give clients as many ways in as you can.
The other DC is also a namespace server.
So is the DFSRoots folder (on the DC) setup automatically at some point or is that manually setup if you want to publish root shares? I've never opted to publish before.
-
the DFSRoots folder is created automatically when you add that server as a namespace server. It only contains links to targets; you generally don't touch it. This plays into the best practice that you don't want to populate any actual data in your DFS Roots. Always create folder targets on separate volumes/servers, so the root links and target locations are separate.
-
This post is deleted! -
This post is deleted! -
This post is deleted! -
@TAHIN said in DFS shares:
the DFSRoots folder is created automatically when you add that server as a namespace server. It only contains links to targets; you generally don't touch it. This plays into the best practice that you don't want to populate any actual data in your DFS Roots. Always create folder targets on separate volumes/servers, so the root links and target locations are separate.
Awesome, thanks for that. I saw a bit more clearly what was going on after you explained the automatic portion.
Any idea why Microsoft makes you use DC shared folders to publish/advertise under \domain instead of just doing it this way, and still showing up when only typing \domain? You had mentioned in one of your earliest posts that it had to be a DC that the share was located on to work the way I originally asked about (very helpful).
-
@BBigford
When you browse to \domain.com, it performs a DFS-GET-REFERRALS against the record that was retrieved from DNS. The namespace has to be explicitly shared on the DC that you're connecting to. It's the same for the other AD shares: If you go to your DC and type 'net share' in cmd, you'll be able to see netlogon, sysvol, and your namespace shares and where they're shared from. In essence all DFS does is present shares in a creative way based on which DC you're closest to; there is no DFS without shares. -
@TAHIN said in DFS shares:
@BBigford
When you browse to \domain.com, it performs a DFS-GET-REFERRALS against the record that was retrieved from DNS. The namespace has to be explicitly shared on the DC that you're connecting to. It's the same for the other AD shares: If you go to your DC and type 'net share' in cmd, you'll be able to see netlogon, sysvol, and your namespace shares and where they're shared from. In essence all DFS does is present shares in a creative way based on which DC you're closest to; there is no DFS without shares.That's making more sense... Too bad that you can't offload all those shares to a file server. I'd rather not have all those shares on the DC that I want to "fully" publish.
Disregard the "Share and Publish" link... that is completely backwards. I was replicating after the namespace was creating, that's not publishing in the way I was thinking (publishing on a domain level... \domain$shares).
-
I need to start trying stuff and poking around before I open my mouth. I can have the \domain\namespace be on the DC. But then the folder targets be on another server like File01 & File02 so nothing is technically stored on the DC, just has pointers/links. Sooo I think I got it. Thanks for the assistance.
-
@BBigford Yes, exactly what I was going to say The DC should only have links to the real data somewhere else.