DFS & Active Directory

Joshua Hedges |Brandon Maxfield | Robert Rivera | Will Zilch

Introduction 3 different types of Distributed File Systems

DFS (Microsoft) NFS (Network File System) AFS (Andrew File System)

Active Directory

Distributed File System Namespaces

“Technology that helps administrators group shared folders located on different servers and present them to users as a virtual tree of folders known as a namespace. DFS Namespaces was formerly known as Distributed File System in Windows 2000 Server and Windows Server 2003.”

Distributed File System Replication

“New state-based, multimaster replication engine that is optimized for WAN environments. DFS Replication supports replication scheduling, bandwidth throttling, and a new byte-level compression algorithm known as remote differential compression (RDC).”

Distributed File Systems Replication (continued)

Differences in Server 2003 vs. Server 2003 R2 Server 2003 (Old Way) Server 2003 R2 (New Way) – Uses RDC Example: GB video file

RDC (Remote Differential Compression) Saves Conflict and Deleted Files Generates Reports, tells you bandwidth saved Can set schedule and limit bandwidth

Distributed File Systems Replication & Namespaces

Network File System NFS Concept VS NFS Protocol

NFS Concept Client/Server file sharing

NFS Protocol Nuts and bolts of how this particular network file

system works. Security, locking, mounts, etc…

Network File System NFS Version 1

Developed by Sun and IBM Used for:

Primarily experimental Not released to the public

NFS Version 2 Operates over UDP Stateless implementation (i.e. locking)

NFS Version 3 Added the following supports:

64-bit file sizes, asynchronous server writes, attributing,

Network File System NFS Version 4

“ Unlike earlier versions, the NFS version 4 protocol supports traditional file access while integrating support for file locking and the mount protocol. In addition, support for strong security (and its negotiation), compound operations, client caching, and internationalization have been added.”

-RFC 3530 Current Version

Configured using /etc/exports file as in the lab Mount command as in the lab

Andrew File System Based on Version 4 of NFS Volume

Cell File Trees

Shared Folders Files

Andrew File System

Secure File System Uses Kerbos for authentication Implements access control lists

Scalable Easily handles high numbers of clients (thousands)

Stable Offers limited access even in the event of a server

or network crash

Andrew File System

Cons No file locking

Files stored locally If someone else is editing the same file you are

notified

Active Directory What is Active Directory

(AD)? Microsoft’s Directory

Service Active Directory is a

directory service used to store information about resources, services, and users across a domain.

Goals: Open Standards High Scalability Simplified Administration Compatibility to existing

Windows NT systems and applications

Active Directory Some open standards are:

LDAP Low-Level API to Active Directory

DNS Resource Location Extensions, e. G. „Dynamic DNS“

Kerberos Authentication

Active Directory What is a Domain?

AD Base Element (Building Block) NT 4 Compatible Physically Implemented on Domain Controllers

(DC) Border for

Replication Traffic System Policies Administration

Objects include Resources (e.g. printers) Services (e.g. email) Users (e.g. user accounts and groups)

Active Directory What is a Tree?

Hierarchical Domain Structure inside a single Namespace

Transitive Trusts created automatically Sub-Domain must be added to Root-Domain –

otherwise there will be no tree!

Active Directory What is a Forest?

Combination of Trees Transitive Trusts created automatically There is one single tree-root! Sub-Tree must be added to Root-Tree, otherwise no

Forest will be created

Active Directory What is a Domain Controller?

Stores a physical Copy of the Active Directory Database Currently a single Domain per DC supported! ESE95 Database (MS Exchange)

Logon Services Kerberos LAN Manager Authentication

Recommendation: always have at least 2 Domain Controllers!

Active Directory

Hierarchical Base object

Domain

OU

Domain

DomainOUOU

Objects

Domain

Tree

Domain

Domain

Domain

Tree

Forest