As an example I have 3 DFS servers all on different sub-nets each with an authoritative initial share on each (\\svr1\accounts
, \\svr2\sales
, \\svr3\hr
).
I have enabled replication on all servers (mesh) so that I have the 3 shares on each server (i.e. svr1 would have the 3 shares accounts
, sales
and hr
, and the same for the other 2 servers).
Since there are multiple source shares for each folder, how does the client know the share to connect to (we would want to connect to the local file server as opposed to the one over the slow VPN).
How does DFS-R work in the above scenario? I see two possibilities:
Can i use the root namespace i.e.
\\mydomain.local\file\accounts
and have it redirect automatically to the local server (based on latency, or active directory site subnets)Or do i have to point it manually to the local server i.e.
\\svr1\accounts
(at the expense of svr1 going down I loose connectivity)?
If it is the first possibility, is there any configuration that needs to be made?
Disclaimer: I'm plotting my first DFS implementation at work, so my understanding comes from books (specifically Windows Server 2012: Inside Out in this case) rather than practice. But, I'm definitely interested in the answer.
Assuming I understand your question, I think you're asking two discrete questions:
According to Windows Server 2012: Inside Out (around page 1244 or so), when a client requests a referral for a domain-based namespace, it looks a Domain Controller(herein, DC) for guidance. The DC then responds with a decision informed by data stored across several in-memory caches that describe the DFS & site structures.
First, the DC checks the referral cache for information about the requested object. If the relevant object isn't found, the DC locates the "DFS object for that namespace" to generate a referral object to pass on to the client. The referral object contains a list of UNC paths that the client can use.
The caches polled by the DC to formulate the referral object include the Site Cost cache and the Client and Target Site Caches, as well as some others. It's a little ambiguous whether the referral object also contains information gleaned from these sources so that the client can choose the best path from among the UNC paths, or if the server restricts the UNC paths returned to the client based on its assessment of 'nearness'.
Further on, it sounds like site configuration, particularly link-weights, inform the 'proximity' calculations.
Finally, I feel that manually pointing clients to specific servers would defeat one of the main reasons behind implementing DFS in the first place; i.e.: adding a layer of abstraction for clients to look up / access file shares regardless of which server said shares are located on. (Which also allows administrators to MOVE said shares when necessary, while limiting the need for reconfiguring logon scripts, etc., etc.)
PS: Sorry for the wordiness; I just got home and had to research this stuff.
EDIT: So, basically, I think what you need to do is make sure to configure a site for each... well, site that you have. IE: You probably want to create a Site for each server that's replicating over a WAN. Also, if this is a domain-based DFS implementation, you'll want to think about where your DCs are located - since the clients will be asking the nearest DC for a UNC referral.
DFS Namespaces automatically select the "idea" endpoint based on internal scoring. Ideally, this means that it will always select the closest server to you and on the same subnet. However, from my experience this doesn't always happen.
Namespaces and Replication are two different things that work with each other, so you can have replication without visible namespaces and namespaces without the replication aspect. I would map using the root namespace in this case, however.
there is a very good answer for your question.
http://blogs.technet.com/b/askds/archive/2011/09/16/active-directory-site-topology-not-just-for-dcs.aspx
Regards, Kai