
    Migrate to DFS from UNC file shares? Complications..

    • J
      Jason Banned @ntoxicator
      last edited by

      @ntoxicator said:

      Anyways, besides the fact of original posting. Essentially, DFS will not work for us due to file locks. I'm waiting to see if we can purchase an Intel Atom D525 server for this satellite office, or even a Supermicro i3 server that will run 2008 R2.... only will have ~20 employees there.

      A NAS would be a better option than an Intel Atom or Core i3 running Windows Server.

      Why would you be installing a new server as 2008 R2? That's quite old now.

      • ntoxicatorN
        ntoxicator
        last edited by

        Satellite office will need AD authentication, as right now they're authenticating over site-to-site VPN tunnel and pulling data over tunnel.

        File shares over tunnel.

        Local server, the mindset was local authentication (Secondary Domain controller / AD slave), and that server have shares.

        I'm not aware of being able to use a NAS with file structure and appropriate file folder permissions from Windows Server. Would have to create file share on the NAS, and attach as network drive to Windows Server, and then from there build file folder permissions and such.

        We do have MS MAPS account and access to keys and Server 2012. Personally I cannot stand 2012, but it does work... or I'm just naive and not skilled? I have skills, but I have a personal passionate hate for Windows servers and the overly complex bullshit. I've managed Linux servers and just grew up with Linux; besides the point here.

        I understand the business aspect of posting a net revenue of XX, but only having a gross of such due to overhead and employee payroll expense.....

        I would have no problem presenting a plan outline and I will do it regardless, so they can see it on paper. Just for our company size/structure does not make sense. As I have direct line of communication to the CEO.

        I've given hard numbers and even a minimal proposal from Scale Computing; just so they could get a general idea of numbers. Also obtained server quotes on new hardware to compare against using a new setup on XenServer.

        • J
          Jason Banned @ntoxicator
          last edited by Jason

          @ntoxicator said:

          I'm not aware of being able to use a NAS with file structure and appropriate file folder permissions from Windows Server. Would have to create file share on the NAS, and attach as network drive to Windows Server, and then from there build file folder permissions and such.

          If you're referring to NTFS permissions, almost all NAS devices will support that as well as being AD joined. You don't need a Windows server in front of a NAS.

          • JaredBuschJ
            JaredBusch @Jason
            last edited by

            @Jason said:

            @ntoxicator said:

            I'm not aware of being able to use a NAS with file structure and appropriate file folder permissions from Windows Server. Would have to create file share on the NAS, and attach as network drive to Windows Server, and then from there build file folder permissions and such.

            If you're referring to NTFS permissions, almost all NAS devices will support that as well as being AD joined. You don't need a Windows server in front of a NAS.

            Additionally, AD authentication traffic is minimal. Hell, with Windows 10 it is now designed to go to Azure AD.

            • ntoxicatorN
              ntoxicator
              last edited by

              The office setup, or satellite users will be there for about a year before moved to new building being built...

              Yes, I can probably use LDAP or an AD connector with the NAS... just want less shit to worry about or break/issues.

              Authentication over VPN I know is fine... it's the fact we do roaming profiles and folder redirection. That's the reason for my thought of having onsite Windows server. Is this wrong of me to think in that mindset?

              Of course I can easily set up a simple NAS with RAID-1, and then create file shares off that. But the fact is we have GPO settings on the PDC that also can be pushed to these users.

              I.e., pushing a new default printer for this new office location. Hell, I still need to create a new security group / organization to put new users in and build a policy off that.

              The move to this temporary office was a last minute item; and a get it done quick aspect from decision makers. Employees have been there for a week now.

              Also carrying VoIP traffic over VPN tunnel. Normal stuff.

              • JaredBuschJ
                JaredBusch @ntoxicator
                last edited by

                @ntoxicator said:

                The office setup, or satellite users will be there for about a year before moved to new building being built...

                Yes, I can probably use LDAP or an AD connector with the NAS... just want less shit to worry about or break/issues.

                Authentication over VPN I know is fine... it's the fact we do roaming profiles and folder redirection. That's the reason for my thought of having onsite Windows server. Is this wrong of me to think in that mindset?

                Of course I can easily set up a simple NAS with RAID-1, and then create file shares off that. But the fact is we have GPO settings on the PDC that also can be pushed to these users.

                I.e., pushing a new default printer for this new office location. Hell, I still need to create a new security group / organization to put new users in and build a policy off that.

                The move to this temporary office was a last minute item; and a get it done quick aspect from decision makers. Employees have been there for a week now.

                Also carrying VoIP traffic over VPN tunnel. Normal stuff.

                You are wrong to want a server everywhere, yes.

                Look at other methods to achieve it.

                • ntoxicatorN
                  ntoxicator
                  last edited by

                  Ok so explain this to me, as I'm obviously hitting a wall.

                  These were existing employees at existing office, which now reside within the satellite office.

                  I would have to move their User folder file, and profile folder to a new network location.

                  Simply would I be able to attach this NAS network drive to the current PDC and then from there create a group policy for this new set of users which points to this new network file path? Then I can copy their user profile folders to this new network path.... keeping their existing user data and settings?

                  • JaredBuschJ
                    JaredBusch @ntoxicator
                    last edited by

                    @ntoxicator said:

                    Ok so explain this to me, as I'm obviously hitting a wall.

                    These were existing employees at existing office, which now reside within the satellite office.

                    I would have to move their User folder file, and profile folder to a new network location.

                    Simply would I be able to attach this NAS network drive to the current PDC and then from there create a group policy for this new set of users which points to this new network file path? Then I can copy their user profile folders to this new network path.... keeping their existing user data and settings?

                    I've never seen redirected user folders work smoothly, but yes. That is basically it.

                    • ntoxicatorN
                      ntoxicator
                      last edited by gjacobse

                      So what is it that K12 environments use for user profiles and user data? Being that no user files are saved to workstations.

                      Is it my older teachings and methods to use Folder Redirection and roaming profiles? This is documented in 2008 R2 tech setups. I've used it on numerous setups and folder redirection has worked beautifully.

                      It would be a nightmare with employee turnover and the amount of times we shift employees around office to different desks to store data on individual machines.

                      I'm assuming look into a way of user home drives? I would think this would be a messier approach?

                      You guys make me feel like a f[moderated]ing idiot at times.... simple direction is great or maybe some hand holding at times with my point of view and logic? It's like a pissing contest on here...

                      • JaredBuschJ
                        JaredBusch @ntoxicator
                        last edited by gjacobse

                        @ntoxicator said:

                        You guys make me feel like a f[moderated]ing idiot at times.... simple direction is great or maybe some hand holding at times with my point of view and logic? It's like a pissing contest on here...

                        You asked for thoughts. I gave mine. If you don't want them, don't ask.

                        With that kind of reply it sounds like you only wanted someone to say what you already wanted to do. F[moderated] that.

                        Anyway, I stated that I have never seen user redirection work well. Period. I never said it cannot work or that it is not a viable solution. I know others that use it with no issues at all. @KyleCaminita for one. Still does not change my opinion on the subject.

                        • J
                          Jason Banned @ntoxicator
                          last edited by

                          @ntoxicator said:

                          So what is it that K12 environments use for user profiles and user data? Being that no user files are saved to workstations.

                          They teach users to save to network drives, and they learn quickly else they lose data. Very few environments have a true need for roaming profiles and they usually suck anyway.

                          There are also cloud storage type options too: ownCloud, Pydio, etc.

                          You're overcomplicating this. Just because someone is getting GPOs applied doesn't mean the server needs to be right there. It's minimal traffic, and most of those things you mention, like printers, aren't going to be changing often. It will sync the GPO locally to the computer and apply it; it will only need to update if the GPO gets updated in the domain after that.

                          • J
                            Jason Banned @ntoxicator
                            last edited by

                            @ntoxicator said:

                            I've given hard numbers and even a minimal proposal from Scale Computing; just so they could get a general idea of numbers. Also obtained server quotes on new hardware to compare against using a new setup on XenServer.

                            That's a bit overkill for a 20 user temp site. Even if you needed a server, no reason for a Scale system. If anything, pick up something from xByte or Dell Outlet. But even that isn't really needed.

                            • DashrenderD
                              Dashrender
                              last edited by

                              It's late, and I'm still not caught up here on ML.. I'll try to post a few suggestions tomorrow.

                              In the meantime, I'll just add that I too have been using folder redirection for My Documents since Windows 2000 - they work near flawlessly. I added redirecting Favorites about 2 years ago, again flawless.

                              I've done a few redirections of Desktop - but that's a whole other story and I've seen many problems with this, mainly because the desktop is not actually local anymore, it's remote on the server. Sure, it can be cached for offline use, but I have seen many problems with it, many centered around performance.

                              And roaming profiles - hot damn.. not if I can avoid. Those things corrupt all the time on me.. maybe it's my 100 Mb slow ass network causing that issue?

                              • J
                                Jason Banned @Dashrender
                                last edited by

                                @Dashrender said:

                                In the meantime, I'll just add that I too have been using folder redirection for My Documents since Windows 2000 - they work near flawlessly. I added redirecting Favorites about 2 years ago, again flawless.

                                Folder redirection works great. The main issues are:

                                Sometimes software hardcodes the My Documents folder to store data.

                                And laptops, Offline Files can break.

                                • DashrenderD
                                  Dashrender @Jason
                                  last edited by

                                  @Jason said:

                                  @Dashrender said:

                                  In the meantime, I'll just add that I too have been using folder redirection for My Documents since Windows 2000 - they work near flawlessly. I added redirecting Favorites about 2 years ago, again flawless.

                                  Folder redirection works great. The main issues are:

                                  Sometimes software hardcodes the My Documents folder to store data.

                                  And laptops, Offline Files can break.

                                  Yep, both those examples are true, though in 16 years I've rarely run into the software issue, and the Offline situation has greatly improved since Windows 7, 6+ years ago.

                                  • DashrenderD
                                    Dashrender @ntoxicator
                                    last edited by

                                    @ntoxicator said:

                                    Simply would I be able to attach this NAS network drive to the current PDC and then from there create a group policy for this new set of users which points to this new network file path? Then I can copy their user profile folders to this new network path.... keeping their existing user data and settings?

                                    Curious why you would attach the NAS, I'm assuming over the VPN, to the AD back at the main office? A NAS looks just like a Windows Server to a Windows client computer - so you can use your GPOs to push mapped drives, the mapping being something like net use s: \\NAS\sharename. Assuming you buy a NAS that supports AD integration (my cheap Buffalo NAS does) you can assign user permissions to the shares, and the files within the file system.

                                    Any file that is accessed primarily by the remote site should be put on that NAS (don't forget your backups).

                                    As JB said earlier, you don't need AD/DNS/DHCP at the remote site. Those features use very little bandwidth and typically work just fine on WAN/VPN connections, so not buying a server and a license for that server would be a cost savings. That said, you could always stand up a Linux AD box - supposedly the AD implementation on Linux will fit right in with Windows, and nothing will be the wiser. So while this wouldn't save you any hardware costs, it would save you an $800 Windows Server license and allow you to have local AD/DNS/DHCP.

                                    • ntoxicatorN
                                      ntoxicator
                                      last edited by

                                      Thanks for the input

                                      Reason mentioning onsite server was because we have a MAPS account which has server licenses, so cost is $0 right now; as the money has already been spent. (was spent)

                                      So, I would just configure a NAS and present it BACK to the primary domain controller (over VPN UNC share)?

                                      The fact is, CEO and management complaining users are not able to work efficiently enough. As all data right now is going over the VPN tunnel. Looking to mitigate this, so the new users at this remote site will have their folder redirection and roaming profile stored locally at that location.

                                      Then the only data going over VPN would be the AD authentication and GPOs.

                                      So -- the advice is to set up a local NAS, create file shares. Then at the Primary domain controller, attach the UNC share? I thought I couldn't do folder redirection and roaming profiles on network attached storage?

                                      • DashrenderD
                                        Dashrender @ntoxicator
                                        last edited by

                                        @ntoxicator said:

                                        So, I would just configure a NAS and present it BACK to the primary domain controller (over VPN UNC share)?

                                        You keep mentioning this. There is no back. There is no connection of any kind between the NAS and the Domain controller in the main location - unless you map it as a network drive.

                                        Then the only data going over VPN would be the AD authentication and GPOs.

                                        Correct

                                        So -- the advice is to set up a local NAS, create file shares.

                                        Yes

                                        Then at the Primary domain controller,

                                        There is no such thing anymore. PDCs died with Windows NT 4.0. You should drop this from usage as some people will attack you for it. While there are special cases, all Domain controllers are equal and Read/Write, unlike the NT 4.0 and previous days. They are simply called Domain Controllers (DC) or Active Directory Domain Controllers (AD DC).

                                        attach the UNC share? I thought I couldn't do folder redirection and roaming profiles on network attached storage?

                                        You can folder redirect to any SMB share, it doesn't matter where it's hosted. For example, you can use Group Policy to map network shares to Linux or Macs, as long as those platforms have Samba shares set up. Samba is the Linux implementation of Microsoft's SMB sharing protocol.
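
The copy step discussed in this thread (moving existing users' redirected folders to an SMB share on the new NAS while keeping their data and permissions), sketched as an added example that is not from any poster. The share paths, group name and log folder are hypothetical placeholders, and the list of "expected" ACL identities is an assumption to adjust for your domain.

```powershell
#Requires -Modules ActiveDirectory
# Added example, not from the thread. All names below are hypothetical placeholders.
# Run elevated, with an account that has full control on both shares.
$OldRoot = '\\OLDSERVER\Redirected'    # current redirected-folder share (placeholder)
$NewRoot = '\\NAS\Redirected'          # SMB share on the AD-joined NAS (placeholder)
$Group   = 'Satellite-Office-Users'    # security group holding the moved users (placeholder)
$LogDir  = 'C:\Temp\redir-migration'   # local folder for robocopy logs (placeholder)
$Domain  = $env:USERDOMAIN

New-Item -ItemType Directory -Path $LogDir -Force | Out-Null
if (-not (Test-Path -LiteralPath $NewRoot)) { throw "Cannot reach $NewRoot" }

$members = Get-ADGroupMember -Identity $Group -Recursive |
    Where-Object objectClass -eq 'user'

$report = foreach ($user in $members) {
    $sam = $user.SamAccountName
    $src = Join-Path $OldRoot $sam
    $dst = Join-Path $NewRoot $sam

    if (-not (Test-Path -LiteralPath $src)) {
        [pscustomobject]@{ User = $sam; Status = 'NoSourceFolder'; Detail = $src }
        continue
    }

    # /E        include subfolders, also empty ones
    # /COPY:DATSO  data, attributes, timestamps, NTFS ACLs, owner
    # /XJ       skip junction points
    # /R:2 /W:5 short retry cycle; no /MIR or /PURGE, so nothing is ever deleted
    robocopy $src $dst /E /COPY:DATSO /XJ /R:2 /W:5 /NP "/LOG:$LogDir\$sam.log" | Out-Null
    $rc = $LASTEXITCODE      # robocopy exit codes: 0-7 are success variants, 8+ means failures
    if ($rc -ge 8) {
        [pscustomobject]@{ User = $sam; Status = 'CopyFailed'; Detail = "robocopy exit $rc" }
        continue
    }

    # Verify the ACL that actually landed on the NAS: flag any Allow entry for an
    # identity other than the folder's user and the assumed administrative principals.
    $expected = @("$Domain\$sam", 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators', 'CREATOR OWNER')
    $acl = Get-Acl -LiteralPath $dst
    $unexpected = @($acl.Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and $_.IdentityReference.Value -notin $expected
    } | ForEach-Object { $_.IdentityReference.Value } | Sort-Object -Unique)

    if ($unexpected.Count -gt 0) {
        [pscustomobject]@{ User = $sam; Status = 'ReviewAcl'; Detail = $unexpected -join ', ' }
    } else {
        [pscustomobject]@{ User = $sam; Status = 'OK'; Detail = "owner $($acl.Owner)" }
    }
}

$report | Sort-Object Status, User | Format-Table -AutoSize
```

Point the Folder Redirection GPO for that group at the new root only once the report shows no `CopyFailed` rows and every `ReviewAcl` row has been checked; a NAS may map NTFS ACLs differently from a Windows file server, which is what the last check is there to catch.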

                                        • ntoxicatorN
                                          ntoxicator @Dashrender
                                          last edited by

                                          @Dashrender said:

                                          Thank you

                                          • scottalanmillerS
                                            scottalanmiller @ntoxicator
                                            last edited by

                                            @ntoxicator said:

                                            So, I would just configure a NAS and present it BACK to the primary domain controller (over VPN UNC share)?

                                            UNC is like URL. You don't say that you are presenting a website over URL. You present it over HTTP. UNC is the same. There is no such thing as a UNC share. UNC is the name of the address of an SMB Share. If you feel the need to specify that this is an SMB Share instead of an NFS Share, always use SMB (or SMB 3.1 or whatever if you need to be super specific) or just a share to denote that it is a network file system.
