Файловый архив студентов. Файловый архив студентов.
1271 вуз, 4663 предмет.
/ Регистрация
FAQ Обратная связь Вопросы и предложения
Добавил:
Upload Опубликованный материал нарушает ваши авторские права? Сообщите нам.
Вуз:
Алматинский университет энергетики и связи
Предмет:
[НЕСОРТИРОВАННОЕ]
Файл:

20411B-ENU-TrainerHandbook

.pdf
Скачиваний:
237
Добавлен:
01.05.2015
Размер:
16.48 Mб
Скачать

Administering Windows Server® 2012

MCT

10-33

 

Lesson 5

 

 

Configuring DFS Namespaces

USE

Configuring a DFS namespace consists of several tasks, including creating the namespace structure,

 

 

creating folders within the namespace, and adding folder targets. You can also choose to perform

 

 

additional management tasks, such as configuring the referral order, enabling client fail back, and

 

 

implementing DFS-R. This lesson provides information on how to complete these configuration and

 

 

management tasks to deploy an effective DFS solution.

.ONLY

Lesson Objectives

 

 

After completing this lesson, you will be able to:

 

 

• Describe the process for deploying namespaces to publish content.

 

 

• Describe permissions required to create and manage a namespace.

 

 

• Explain how to create and configure DFS namespaces and folder targets.

 

 

• Describe the options for optimizing a namespace.

 

 

1.Create a namespace. STUDENT Use the New Namespace Wizard to create the

namespace from within the DFS Management

console. When a new namespace is created, USE you must provide the name of the server that

you want to use as the namespace server, and namespace name and type (either domain-

based or standalone). You can also specify whether the namespace is enabled for Windows Server 2008 mode.

2.Create a folder in the namespace. PROHIBITED After you create the namespace, add a folder in the namespace that will be used to contain the

content that you want to publish. During the folder creation, you have the option to add folder targets, or you can perform a separate task to add, edit, or remove folder targets later.

3.Add folder targets.

After you create a folder within the namespace, the next task is to create folder targets. The folder target is a shared folder’s UNC path on a specific server. You can browse for shared folders on remote servers and create shared folders as needed. Additionally, you can add multiple folder targets to increase the folder’s availability in the namespace. If you add multiple folder targets, consider using DFS-R to ensure that the content is the same between the targets.

10-34 Optimizing

4. Set the ordering method for targets in referrals.

 

A referral is an ordered list of targets that a client computer receives from the namespace server whenMCT

a user accesses a namespace root or folder. When a client receives the referral, the client attempts to

USE

 

access the first target in the list. If the target is not available, the next target is attempted. By default, targets in the client’s site are always listed first in the referral. You can configure the method for ordering targets outside the client’s site on the Referrals tab of the Namespace Properties dialog box. You have the choice of configuring the lowest cost, random order, or configuring the ordering method to exclude targets outside the client’s site.

Note: Folders inherit referral settings from the namespace root. You can override the namespace settings on the Referrals tab of the Folder Properties dialog box by excluding targets outside the client’s site.

Optional Management Tasks

A number of optional management tasks that you can consider include:

.ONLY

Set target priority to override referral ordering. You can have a specific folder target that you want STUDENT everyone to use from all site locations, or a specific folder target that should be used last among all

targets. You can configure these scenarios by overriding the referral ordering on the Advanced tab of the Folder Target Properties dialog box.

Enable client failback. If a client cannot access a referred target, the next target is selected. Client failback will ensure that clients fail back to the original target after it is restored. You can configure client failback on the Referrals tab of the Namespace Properties dialog box by selecting the Clients fail back to preferred targets check box. All folders and folder targets inherit this option. However, you can also override a specific folder to enable or disable client failback features, if required.

Replicate folder targets using DFS-R. You can use DFS-R to keep the contents of folder targets in sync. The next topic discusses DFS-R in detail.

Permissions Required to Create and Manage a Namespace

To perform DFS namespace management tasks, a user either has to be a member of an administrative group or has to be delegated specific permission to perform the task. To delegate the required permissions, right-click the namespace and then click Delegate Management Permissions.

PROHIBITED USE

 

 

 

 

Administering Windows Server® 2012

MCT

 

 

 

 

10-35

 

 

 

The following table describes the groups that can perform DFS administration by default, and the method

 

for delegating the ability to perform DFS management tasks.

 

 

 

 

 

 

 

 

 

 

 

 

 

Task

 

Groups that can perform the

Delegation method

USE

 

 

 

 

task by default

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Create a domain-based

 

Domain admins

Click Delegate Management

 

 

 

 

namespace.

 

 

Permissions.

 

 

 

 

 

 

 

 

 

 

 

 

Add a namespace server to a

 

Domain admins

Add users to local administrators

.ONLY

 

domain-based namespace.

 

 

group on the namespace server.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Manage a domain-based

 

Local administrators on each

Click Delegate Management

 

 

 

 

namespace.

 

namespace server

Permissions.

 

 

 

 

 

 

 

 

 

 

 

 

Create a standalone

 

Local administrators on each

Add users to local administrators

 

 

 

 

namespace.

 

namespace server

group on the namespace server.

 

 

 

 

 

 

 

 

 

 

 

 

Manage a standalone

 

Local administrators on each

Click Delegate Management

 

 

 

 

namespace.

 

namespace server

Permissions.

 

 

 

 

 

 

 

 

 

 

 

Create a replication group, or

 

Domain admins

Add users to local administrators

STUDENT

 

 

 

 

 

 

enable DFS-R on a folder.

 

 

group on the namespace server.

 

 

 

 

 

 

 

 

 

 

 

Demonstration: How to Create Namespaces

 

 

 

 

 

This demonstration shows how to:

 

 

 

 

 

• Create a new namespace.

 

 

 

 

 

 

 

• Create a new folder and folder target.

 

 

 

 

 

Demonstration Steps

 

 

 

USE

 

Create a new namespace

 

 

 

 

 

 

 

 

 

 

 

1. Open the DFS Management console.

 

 

 

 

 

2. Create a domain-based namespace on LON-SVR1 named Research.

 

 

 

 

Create a new folder and folder target

 

PROHIBITED

 

1. Create a new folder named

Proposals in the \\Adatum.com\Research namespace.

 

 

 

 

2. Create a folder target for Proposals that points to \\LON-SVR1\Proposal_docs.

3. Confirm namespace functionality by navigating to \\Adatum.com\Research, and confirming that the Proposals folder displays.

10-36 Optimizing File Services

MCT

 

 

 

 

 

 

Optimizing a Namespace

 

 

Namespaces have a number of configuration

 

USE

 

options with which you can optimize its usability

 

and performance.

 

 

 

 

Rename or Move a Folder

 

 

 

You can rename or move a folder in a namespace.

 

 

 

This allows you to reorganize the hierarchy of

 

.ONLY

folders to best suit your organization’s users. For

 

 

 

 

example, when your company reorganizes, you

 

 

 

can reorganize the namespace to match the new

 

 

 

structure.

 

 

 

 

 

 

 

Disable Referrals to a Folder

 

 

A referral is a list of targets that a client computer receives from a domain controller or namespace server

 

 

when the user accesses a root or folder with namespace targets. By disabling a folder target’s referral, you

STUDENT

prevent client computers from accessing that folder target in the namespace. This is useful when you are

poll AD DS periodically to obtain the most current namespace data. The two modes for namespace

moving data between servers.

 

 

Specify Referral Cache Duration

 

 

Clients do not contact a namespace server for a referral each time they access a folder in a namespace;

 

 

instead, namespace root referrals are cached. Clients that use a cached referral will renew the cache

 

 

duration value of the referral each time a file or folder is accessed using the referral. This means that the

 

 

clients will use the referral indefinitely until the client’s referral cache is cleared or the client is restarted.

 

 

You can customize the referral cache duration. The default is 300 seconds (5 minutes).

 

 

Configure Namespace Polling

 

 

To maintain a consistent domain-based namespace across namespace servers, namespace servers must

 

 

polling are:

 

 

Optimize for consistency. Namespace servers poll the primary domain controller (PDC) emulator each USE time a namespace change occurs. This is the default.

Optimize for scalability. Each namespace server polls its closest domain controller at periodic intervals.

PROHIBITED

A replicated folder is synchronized between each member server. Creating multiple replicated folders within a single replication group helps to simplify the following for the entire group:

Administering Windows Server® 2012 10-37

Lesson 6

MCT

Configuring and Troubleshooting DFS-R

 

To configure DFS-R effectively, it is important to understand the terminology and requirements that are associated with the feature. This lesson provides information on the specific elements, requirements, and

scalability considerations as they relate to DFS-R. This lesson also provides a process for configuring an

USE

effective replication topology.

 

Lesson Objectives

 

After completing this lesson, you will be able to:

.ONLY

• Describe replication groups and replicated folders.

• Describe the initial replication process.

• Explain how to configure DFS-N and DFS-R.

• Describe DFS troubleshooting options.

Multipurpose replication group. This STUDENT replication group helps to configure

replication between two or more servers for publication, content sharing, or other scenarios.

Replication group for data collection. This USE replication group configures a two-way

replication between two servers, such as a

branch office server and a hub server. This group type is used to collect data from the branch office server to the hub server. You can then use standard backup software to back up the hub server data.

Replication Group type

Topology

Hub and spoke configuration

Replication schedule

Bandwidth throttling

The replicated folders that are stored on each member can be located on different volumes in the member. Replicated folders do not need to be shared folders or part of a namespace, although the DFS Management snap-in makes it easy to share replicated folders, and optionally, publish them to an existing namespace.

PROHIBITED

10-38 Optimizing File Services

Replication Topologies

When configuring a replication group, you must define its topology. You can select between the following:

Hub and spoke. To select this option, you require at least three member servers in the replication group. This topology works well in publication scenarios where data originates at the hub and is replicated to members at the spokes.

Full mesh. If ten or fewer members are in the replication group, this topology works well, with each member replicating to all others, as required.

No topology. Choose this option if you want to manually configure a custom topology after creating the replication group.

Initial Replication Process

When you first configure replication, you choose a primary member that has the most updated files to be replicated. This server is considered authoritative for any conflict resolution that occurs when the receiving members have files that are older or newer when compared to the same files on the primary member.

Consider the following concepts about the initial replication process:

Initial replication does not begin immediately. The topology and DFS-R settings must be replicated to all domain controllers, and each

member in the replication group must poll its closest domain controller to obtain these settings. Active Directory replication latency and the long polling interval (60 minutes) on each member determine the amount of time this takes.

Initial replication always occurs between the primary member and its receiving replication partners. After a member has received all files from the primary member, that member will replicate files to its receiving partners. In this way, replication for a new replicated folder starts from the primary member and then progresses out to the other replication group members.

When receiving files from the primary member during initial replication, the receiving members with files that are not present on the primary member will move those files to their respective DfsrPrivate\PreExisting folder. If a file is physically identical to a file on the primary member, then the file is not replicated. If the version of a file on the receiving member is different from the primary member’s version, the receiving member’s version is moved to the Conflict and Deleted folder, and RDC can be used to download only the changed blocks.

To determine whether files are identical on the primary member and receiving member, DFS-R compares the files using a hash algorithm. If the files are identical, only minimal metadata is transferred.

PROHIBITED USE STUDENT .ONLY USE MCT

After the initialization of the replicated folder, the primary member designation is removed. MCT (Initialization takes place after all files that exist prior to DFS-R configuration, are added to the DFS-R database.) That member then is treated like any other member, and its files are no longer considered

authoritative over other members that have completed initial replication. Any member that has

completed initial replication is considered authoritative over members that have not completed initialUSE replication.

Demonstration: How to Configure DFS-R

In this demonstration, you will see how to:

Create a new folder target for replication.

Create a new replication group.

Demonstration Steps

Create a new folder target for replication

On LON-SVR1, create a folder target for \\LON-SVR4\Proposal_docs.

Create a new replication group

1.Add the folder to the replication group for LON-SVR1 and LON-SVR4.

2.Declare LON-SVR1 as the primary member, and create a full-mesh replication.

Troubleshooting DFS

Windows Server 2012 provides a number of tools that you can use to monitor and troubleshoot DFS-R. The tools include:

Diagnostic Reports. Use Diagnostic Reports to run a diagnostic report for the following:

o Health Report. Shows extensive replication statistics and reports on replication health and efficiency.

o Propagation Test. Generates a test file in a replicated folder to verify replication and provide statistics for the propagation report.

o Propagation Report. Provides information about the progress for the test file that is generated during a propagation test. This report will ensure that replication is functional.

Verify Topology. Use Verify Topology to verify and report on the status of the replication group topology. This will report any members that are disconnected.

Dfsrdiag.exe. Use this command-line tool to monitor the replication state of the DFS-R service.

PROHIBITED USE STUDENT .ONLY

10-40 Optimizing File Services

Troubleshooting DFS

DFS problems generally fall into one of the following categories:

Unable to access the DFS namespace. Ensure that both the Net Logon service and DFS service are running on all servers that are hosting the namespace.

Inability to find shared folders. If clients cannot connect to a shared folder, use standard troubleshooting techniques to ensure that the folder is accessible and that clients have permissions. Remember that clients connect to the shared folder directly.

Unable to access DFS links and shared folders. Verify that the underlying folder is available and that the client has permissions on it. If a replica exists, verify whether the problem is related to replication latency (refer to the following replication latency entry in this list).

Security-related issue. Remember that the client accesses the shared folder directly. Therefore, you must verify the shared folder and ACL permissions on the folder.

Replication latency. Remember that the DFS-R topology is stored in the domain's AD DS. Consequently, there is some latency before any modification to the DFS-N is replicated to all domain controllers.

PROHIBITED USE STUDENT .ONLY USE MCT

 

 

Administering Windows Server® 2012

 

MCT

 

 

10-41

 

 

Lab B: Implementing DFS

 

 

 

 

 

 

Scenario

 

 

USE

 

A. Datum Corporation has deployed a new branch office. This office has a single server. To support

 

 

 

 

 

 

 

branch staff requirements, you must configure DFS. To avoid the need to perform backups remotely, a

 

 

 

 

departmental file share in the branch office will be replicated back to the head office for centralized

 

 

 

 

 

backup, and branch data files will be replicated to the branch server to provide quicker access.

 

 

 

 

 

Objectives

 

 

.ONLY

 

Lab Setup

 

 

 

After completing this lab, you will be able to:

 

 

 

 

 

 

• Install the DFS role service.

 

 

 

 

 

 

• Configure a DFS namespace.

 

 

 

 

 

 

• Configure DFS Replication.

 

 

 

 

 

 

Estimated Time: 45 minutes

 

 

STUDENT

 

Password

Pa$$w0rd

 

 

Lab Setup

 

 

 

 

 

 

Estimated time: 30 minutes

 

 

 

 

 

 

Virtual Machine(s)

20411B-LON-DC1

 

 

 

 

 

 

20411B-LON-SVR1

 

 

 

 

 

 

20411B-LON-SVR4

 

 

 

 

 

 

 

 

 

 

 

 

User Name

Administrator

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

1.On the host computer, click Start, point to Administrative Tools, and then click Hyper-V ManagerUSE.

2.In Hyper-V Manager, click 20411B-LON-DC1, and in the Actions pane, click Start.

3.In the Actions pane, click Connect. Wait until the virtual machine starts. PROHIBITED

4.Sign in using the following credentials: o User name: Adatum\Administrator o Password: Pa$$w0rd

5.Perform steps 2 through 4 for 20411B-LON-SVR1 and 20411B-LON-SVR4.

10-42 Optimizing File Services

The main tasks for this exercise are as follows:

1.Install the DFS role service on LON-SVR1.

2.Install the DFS role service on LON-SVR4.

Task 1: Install the DFS role service on LON-SVR1

• On LON-SVR1, from Server Manager, under the File and Storage Management role, install the

DFS Namespaces and DFS Replication role services.

Task 2: Install the DFS role service on LON-SVR4

On LON-SVR4, in Server Manager, under the File and Storage Management role, install the

DFS Namespaces and DFS Replication role services.

Results: After completing this exercise, you will have installed the DFS role service on LON-SVR1 and installed the DFS role service on LON-SVR4.

Exercise 2: Configuring a DFS Namespace

Scenario

You have been asked to configure a DFS namespace to support the newly requested file structure. Management has requested that the new structure meet the following requirements:

Namespace: \\Adatum.com\BranchDocs

File shares to include:

o \\LON-SVR4\ResearchTemplates

o \\LON-SVR1\DataFiles

The main tasks for this exercise are as follows:

1.Create the BranchDocs namespace.

2.Enable access-based enumeration for the BranchDocs namespace.

3.Add the ResearchTemplates folder to the BranchDocs namespace.

4.Add the DataFiles folder to the BranchDocs namespace.

5.Verify the BranchDocs namespace.

Task 1: Create the BranchDocs namespace

1.Switch to LON-SVR1 and then open Server Manager.

2.Open DFS Management.

3.Create a new namespace with the following properties: o Server: LON-SVR1

o Name: BranchDocs

o Namespace type: Domain-based namespace, and select Enable Windows Server 2008 mode

4.Under the Namespaces node, verify that the namespace has been created.

PROHIBITED USE STUDENT .ONLY USE MCT

Соседние файлы в предмете [НЕСОРТИРОВАННОЕ]
Помощь Обратная связь Вопросы и предложения Пользовательское соглашение Политика конфиденциальности