Windows Server

Roy Chastain · Guest

I have a local and remote office situation.
They are in different domains with a 2 way trust setup between them.
The two offices are connected via a VPN through ISA firewall (ISA on both ends)
The local site is a Win2K domain and the remote site is a 2003 domain (running 2003 functional level)

The remote site will be responsible for making changes to a large number of files in multiple directories.
The local site will consume these files and (MIGHT occasionally) make updates to these files.
The local site has the backup system. There is no backup on the remote site.

I need a method of getting the files from the remote site to the local site other than forcing the remote users to do something
like FTP. Given the size and number of the files that will be updated (copied from a system on the remote site), I don't think it
would be reasonable to use normal 'file copy' operations.

I was thinking that possibly a DFS with one replica local and one replica remote might work. Let lazy replication take care of
the copy.

I tried a test but not making much progress and would like a sanity check on this idea.

1) - Is this doable?
2) - Is it a good idea.
3) - How do I do it?
4) - What better alternatives do I have.

Thanks
-------------------------------------------
Roy Chastain
KMSYS Worldwide, Inc.
http://www.kmsys.com

Jill Zoeller [MSFT] · Guest

Your scenario is a common use for DFS/FRS, so this is do-able given a few
caveats. FRS/DFS can replicate across domains in the same forest only; is
that your configuration? Replicating across domains takes some permissions
tweaks--I'll post them below.

You might want to check out the tested FRS limits at
http://support.microsoft.com/default.aspx?scid=kb;en-us;840675 just to make
sure you don't plan to replicate more than we recommend. Are you aware that
FRS uses last-writer-wins for file conflicts? As long as users in your local
site don't change files at the same time as your remote users do, then you
won't have conflicts. If you plan to use FRS, we highly recommend that you
check out Ultrasound, our FRS monitoring tool, as well as the other
resources at www.microsoft.com/dfs. Also, FRS replicates the entire file
when it's changed...this is something to keep in mind if the files are large
or changed frequently.

FRS isn't your only option, though. Your scenario sounds perfect for the new
replication engine, DFS Replication, in Windows Server 2003 R2. Granted, you
aren't running R2 (yet), but DFS Replication is a great new replicator worth
checking out. For details, see
http://www.microsoft.com/downloads/details.aspx?FamilyID=5e547c69-d224-4423-8eac-18d5883e7bc2&DisplayLang=en.

Here are the steps for setting permissions to allow FRS to replicate across
domains in the same forest.

If you are a member of the Enterprise Admins group, you can configure FRS
replication on a DFS link whose targets are in different domains in the same
forest. If you are not a member of the Enterprise Admins group, permissions
must be configured as follows: . You must have Read and Create All Child
Objects permissions for the computer object of each computer that will be
part of the replica set.

. You must be a member of the local Administrators group on each
computer that will be part of the replica set.

. You must have Read and Create All Child Objects permissions for the
File Replication Service container and all its child objects. Although the
File Replication Service container can exist in every domain, you must add
these permissions to the File Replication Service container that is in the
domain where the domain-based root is configured.

If any of these permissions are not configured correctly, you will get an
Access Denied message when you try to enable replication by using the
Configure Replication Wizard in the Distributed File System snap-in.

For more information, see article 296183, Overview of Active Directory
Objects That Are Used by FRS.

--
This posting is provided "AS IS" with no warranties, and confers no rights.

"Roy Chastain" <roy@kmsys.com> wrote in message
news:jcnnj15ooiel0dtcrae76d23e7p0o3ujf3@4ax.com...

Roy Chastain · Guest

Thank very much Jill,
Unfortunately, the two domains are not members of the same forest. They just have trust relationships.

Does the DFS Replication in R2 have the same requirement for forest membership?

Thanks

On Thu, 29 Sep 2005 10:09:10 -0700, "Jill Zoeller [MSFT]" <jillz@nospam.microsoft.com> wrote:

Jill Zoeller [MSFT] · Guest

Yep, DFS Replication also requires the domains to be in the same forest.

--
This posting is provided "AS IS" with no warranties, and confers no rights.

"Roy Chastain" <roy@kmsys.com> wrote in message
news:q2cqj11c6hql9n04e2cc78qn8gecj30dcs@4ax.com...

Patrick Elliott · Guest

Hi Roy, Just a followup question -- have you looked into the DFS Replication
service in the Windows Server 2003 R2 beta that Jill mentioned?

There are some wonderful articles on it off of the Windows Server 2003 R2
public beta site, DFSR in R2 also uses new Remote Differential Compression,
which really reduces the bandwidth / time used to replicate.

There's a good webcast here:
http://microsoft.sitestream.com/TechEd2005/SVR/SVR312_files/Default.htm

which talks about some of the improvements made in DFSR in R2 compared to
FRS.

If you're interested in testing Windows Server 2003 R2 you can download the
CPP RC0 build, and there is a newsgroup avail to the CPP program, so please
feel free to post any followup questions about the product there and we'll
help you out!

--
Patrick Elliott
Windows Server 2003 R2 Beta Mentor
http://msblog.resdev.net
http://msblog.resdev.net/forum

"Roy Chastain" <roy@kmsys.com> wrote in message
news:q2cqj11c6hql9n04e2cc78qn8gecj30dcs@4ax.com...

	Windows Server Forum Index -> DFS and FRS	All times are GMT
Page 1 of 1