Installing and Configuring DFS-N on Windows Server 2016

The Distributed File System on Windows Server 2016 consists of two components. Distributed File System Namespaces and Distributed File System Replication. In this blog post we will review Distributed File System Namespaces, and then look at how to install and configure DFS-N on Microsoft Windows Server 2016.

 

Navigation

1. Distributed File System Namespaces (DFS-N)
   1.1 Installing DFS-N
   1.2 Creating a DFS Namespace
   1.3 Adding Namespace Server to the Namespace
   1.4 Adding a DFS-N Folder with Folder Targets

   1.5 Configuring the properties of a DFS-N root
   1.6 Additional Configuration options for DFS-N

 

 

.

 


1. Distributed File System Namespaces (DFS-N)

 

With DFS-N, you can create namespaces. Namespaces are shares under which you can group shared folders from different servers on your network. A namespace functions as a “links” page that points the clients to the particular server or servers where the different shares reside. So instead of creating drive maps for multiple servers and their shares, you can simply create a drive map to the namespace, under which users will find the different shares.

 

Without DFS-N With DFS-N
\\FS001\Sales
\\FS002\Marketing
\\FS010\Users
\\Shabaztech.com\Shares\Sales
\\Shabaztech.com\Shares\Marketing
\\Shabaztech.com\Shares\Users


A DFS namespace consists of the following 4 elements,


♦ Namespace server – The server that hosts the namespace.
♦ Namespace root – The root is the starting point of the namespace. In the picture above, the name of the root is Public, and the path is \\Shabaztech.com\Public

♦ Folder – Empty folders, ie those without a folder target, can be used to structurize the namespace.
♦ Folder targets – A folder target points to a shared folder on one or many servers.


There are two types of DFS namespaces that you can create on Windows Server 2016,

Domain-based namespaces

The metadata for this type of namespaces is stored in Active Directory Domain Services, and they are deployed when there is a need to ensure that the namespace remains available, even if one of the servers hosting the namespace is offline. In other words, multiple servers can host the same namespace. Domain-based namespaces can be hosted on a member server or a domain controller in the same domain in which the namespace is configured. Since the metadata is stored in AD DS, users can browse to the namespace by using the Netbios or FQDN of the domain, such as for example \\shabaztech.com\Public, and they don’t have to know the name of the namespace servers hosting the namespace.

There are two different modes you can deploy domain-based namespaces in,

• Windows 2008 mode
⇒ Supports 50 000 folder targets
⇒ Supports Access-based enumeration
⇒ Requires that the domain hosting the namespace must be at minimum Windows Server 2008 domain functional level
⇒ Requires that the Active Directory forest functional level is minimum Windows Server 2003


• Windows 2000 mode
⇒ Supports only 5000 folder targets

 

Stand-alone namespaces

The metadata for this type of namespaces is not stored in Active Directory, and they can only be hosted by a single server. That server can be a stand-alone server, a member server or a domain controller. Stand-alone namespaces support up to 50 000 folder targets, and are generally deployed when you can not deploy a domain-based namespace in Windows 2008 mode, due to the domain not being at required functional level. Stand-alone namespaces can be hosted by a failover cluster to increase availability.

 

 

 

.

 

1.1 Installing DFS-N

 

 

You can install the DFS-N role by using the Add Roles And Features Wizard in Server Manager.

1.1.1 Select the Role-Based Or Feature-Based Installation option
1.1.2 On the Select Server Roles page, select File Server and DFS Namespaces


1.1.3 Click Add Features to install management tools as well


1.1.4 Click Next twice, and then click on Install

 

 

 

.

 

1.2 Creating a DFS Namespace

 

1.2.1 Start DFS Management
1.2.2 Right-click Namespaces → New Namespace

1.2.3 Enter the name of the server that will host the namespace, Click Next

1.2.4 Enter a name for the new namespace, this will by default also be the name of the shared folder that the New Namespace Wizard will create

1.2.5 By clicking on Edit Settings on the Namespace Name and Settings page of the Wizard, you can change path and shared folder permissions for the new namespace

1.2.6 Select the type of namespace to create, click Next

1.2.7 Click Create

1.2.8 Click Close

1.2.9 A domain-based namespace automatically publishes its topology (the roots, links, and targets) in the domain partition of Active Directory Domain Services. You can view this information by using the ADSI-edit tool.

 

 

 

.

 

1.3 Adding Namespace Server to the Namespace

 

1.3.1 Right-click Namespaces → Add Namespace Server

1.3.2 Enter the name of the server that will also host the namespace, then click Ok. (Clicking on the Edit Settings button will bring up the same dialog box as step 1.2.5)

1.3.3 The namespace server will be added

 

 

 

.

 

1.4 Adding a DFS-N Folder with Folder Targets

 

1.4.1 Right-click the Namespace → New Folder


1.4.2 Give the new folder a name, and then click on Add to add folder targets

1.4.3 Click on Browse to browse for folder targets

1.4.4 You can add an existing shared folder, or create a new one

1.4.5 You can also create several targets for the same DFS-N folder, and then use DFS-R to synchronize those shared folders on different servers. When you are done, click on Ok.

 

 

 

.

 

1.5 Configuring the properties of a DFS-N root

 

 

To access the properties sheet of a namespace, Right-click the namespace → Properties

General Tab only gives you information about the namespace, and you can add a description for the namespace if you like

Referrals Tab

A referral is an ordered list of servers that a client computer receives from a domain controller or namespace server when the user accesses a namespace root or DFS folder with targets. Targets that are located in the same Active Directory site as the clients are listed first in the referral. On this tab, you can define three options,

⇒ The duration referrals will be cached on the client, before the client retrieves the list a new from a domain controller or namespace server.
⇒ Ordering method for targets outside of the client’s AD site.
⇒ If a target becomes unavailable, you can configure clients to fail back to the target after it is restored.


Advanced Tab


Two settings can be defined on this tab,

⇒To maintain a consistent domain-based namespace across namespace servers, it is necessary for namespace servers to periodically poll Active Directory Domain Services to obtain the most current namespace metadata. Microsoft recommends that you select Optimize for consistency if there are 16 or fewer servers hosting the namespace. Otherwise you should select Optimize for scalability.

⇒ Enable/Disable Access-based enumeration for the namespace

 

 

 

 

.

 

1.6 Additional Configuration options for DFS-N

 

 

1.6.1 To delegate permissions on DFS-N, you can right-click the Namespaces node and select Delegate Permissions. Permissions at the top most level will allow users to create domain-based namespaces. Permissions at the namespace level will allow users to add a namespace server to the domain-based namespace (also requires said user to be local admin on the namespace server to be added), and generally manage the namespace.




1.6.2 Properties sheet of a Namespace server

General Tab

⇒ Enable/disable referrals for this namespace server. If you disable referrals, users will be prevented from being directed to this namespace server. This can be useful during maintenance of a server.
⇒ Set share permissions for the Namespace root
⇒ Information about which AD site the name server belongs to


Advanced Tab

Specify referral ordering. This is self-explanatory.


1.6.3 Properties sheet of a folder with folder targets

General Tab only gives you information about the folder, and you can add a description for the folder if you like

Referrals Tab

⇒ The duration referrals will be cached on the client, before the client retrieves the list a new from a domain controller or namespace server.
⇒ Ordering method for targets outside of the client’s AD site.
⇒ If a target becomes unavailable, you can configure clients to fail back to the target after it is restored.


Advanced Tab
lets you configure view permissions on the DFS folder. For security reasons you should define explicit view permissions on the DFS folder, otherwise all domain users will be able to view this folder in the namespace.