Windows server 2008 файловая система

Аббревиатура DFS расшифровывается как Distributed File System (распределенная файловая система), данная служба реализовывает достаточно важные функции для крупных организаций, распределенных территориально и состоящих из нескольких сетей WAN или сайтов, предоставляя услуги простого хранения, репликации и поиска файлов по всей сети предприятия.

Первое преимущество службы DFS — предоставление единого сетевого пространства имен (Namespace), которое все пользователи сети могут использовать для доступа к общим файлам и папкам, в не зависимости от своего местонахождения.

Вторая важная функция DFS – возможность настройки службы репликации, которая осуществляет синхронизацию папок и файлов по всей организации, предоставляя пользователям доступ к последним и актуальным версиям файлов.

Давайте подробнее рассмотрим эти две функции DFS.

DFS NameSpace – каждое пространство имен (namespace) представляет собой сетевую папку с подпапками внутри нее. Главное преимущество использования такого пространства имен заключается в том, что пользователи могут обращаться к своим общим папкам и файлам через корень пространства имен, не задумываясь, на каком сервер в действительности они хранятся. Т.е. namespace это своеобразная логическая структура, упрощающая доступом к файлам.

DFS Replication – служба репликации DFS позволяет иметь множество синхронизованных копий одного и того же файла или папки. Репликация позволяет внутри каждой подсети или сайта организации иметь копию файлов, например, центрального офиса. Т.е. когда пользователи обращаются к некой общей папке, они попадают не на сам сервер центрального офиса, а на ближайшую реплику DFS, тем самым существенно уменьшая загрузку слабого меж-сайтового канала передачи. И в том случае, если пользователь вносит изменения в любой из файлов, изменения реплицируются по всему пространству DFS, в результате все пользователи сети получают доступ к актуальной и свежей копии файла.

В Windows Server 2008 служба Distributed File System получила ряд усовершенствований, и стала более стабильной, были решены многие проблемы, наблюдающиеся в ранних версиях службы DFS.

Для того, чтобы воспользоваться всеми преимуществами новой DFS на Windows Server 2008, необходимо соблюсти ряд требований: все сервера участники DFS должны быть не ниже Windows Server 2008, и уровень домена AD должен быть не ниже Windows 2008.

В DFS появились следующие изменения:

Access-based Enumeration – пользователям разрешено видеть только те файлы и папки, которые разрешено. По умолчанию данная функция отключена, чтобы включить ее, нужно набрать следующую команду: dfsutil property abde enable \‹namespace_root›

Улучшенные инструменты командной строки – в Windows Server 2008 DFS NameSpaces появилась новая версия утилиты dfsUtil, кроме того, для диагностики и поиска неисправностей в службах DFS можно воспользоваться командой dfsdiag.

Поиск внутри пространства имен DFS– в Windows Server 2008 появилась возможность поиска внутри всего пространство имен DFS по всем файлам и папкам.

Улучшения в службе репликации Replication:

Улучшение производительности– значительно улучшена репликация больших и маленьких файлов, синхронизация теперь выполняется быстрее, а нагрузка на сеть меньше.

Улучшена служба обработки неожиданных перезагрузок серверов – в ранних версиях DFS, при неожиданной перезагрузке сервера часто возникало повреждение базы NameSpace или нарушение процесса репликации. В результате запускался длительный процесс ребилда базы и репликации, вызывающий большую нагрузку на сервера и сеть. DFS в Windows Server 2008 выполняется лишь частичный ребилд базы данных в случаях перезагрузки сервера, в результате процесс восстановления выполняется заметно быстрее.

Принудительная репликация– администратор теперь может вручную запустить процесс немедленной репликации, игнорируя настроенное расписание.

Поддержка Read Only Domain Controllers (RODC) – любые изменения на контроллере домена RODC могут быть отменены службой репликации DFS Replication.

Репликация SYSVOL– в Windows Server 2008 репликация Active Directory посредством FRS (File Replication Service) заменена на репликацию DFS.

Отчеты– теперь можно создавать диагностические отчеты о работе DFS

Установка роли DFS на Windows Server 2008

Итак, мы познакомились с основными возможностями службы DFS NameSpaces в Windows Server 2008 DFS NameSpace, теперь познакомимся с процедурой установки роли DFS на сервер.

В данном примере используется контроллер домена Windows Server 2008, уровень домена (functional level) тоже 2008. Как узнать версию схемы Active Directory.

1. Откройте оснастку Server Manager.

2. Перейдите в раздел Roles и выберите Add Roles.

Картинка с сайта: winitpro.ru

3. Из списка ролей выберите File Services.

Картинка с сайта: winitpro.ru

4. Появится информационной окно (Introduction to File Services), перейдите далее, нажав Next.

Картинка с сайта: winitpro.ru

5. В списке ролей выберите Distributed File System , а также DFS Namespaces и DFS Replication; после чего нажмите Next.

Примечание:
Среди ролей вы увидите «Windows Server 2003 File Services»и «File Replication Service». Данные опции стоит использовать только в том случае, если необходимо синхронизировать сервер Windows 2008 с устаревшими службами FRS.

Картинка с сайта: winitpro.ru

6. На экране «Create a DFS Namespace», вы можете указать хотите ли вы создать пространство имен немедленно, или позднее.

В данном примере, я не буду создавать корень пространства имен. Поэтому, я выбрал «Create a namespace later using the DFS Management snap-in in Server Manager» и нажал Next.

Картинка с сайта: winitpro.ru

7. На следующем экране, нажав Install, мы запустим процесс установки службы DFS.

Картинка с сайта: winitpro.ru

8. После установки DFS, в консоли Server Manager появится новая роль File Services со следующим списком установленных компонентов:

Distributed File System

DFS Namespaces

DFS Replication

Картинка с сайта: winitpro.ru

Итак, мы установили DFS, далее мы должны создать корень пространства имен и настроить репликацию DFS. Обо все этом я буду писать в последующих статьях.

First published on TECHNET on Mar 10, 2009


Jose Barreto has a new blog post covering the basics of the Distributed File System (DFS) in Windows Server 2008, which offers users simplified access to a set of file shares and helps administrators easily maintain the file server infrastructure behind those file shares, including options for load sharing, replication and site awareness.

This detailed post, including several screenshots and diagrams, is divided into a series of topics:

• Overview
• Many File Servers and File Shares
• Adding the DFS Services
• DFS Namespaces
• Creating a Namespace
• Adding Folders to the Namespace
• Multiple Targets
• DFS Replication
• Configuring Replication
• DFS Tools
• Conclusion
• Links

Check it out at

http://blogs.technet.com/josebda/archive/2009/03/09/the-basics-of-the-windows-server-2008-distributed-file-system-dfs.aspx

Computer networks were created to share data. The
most primitive form of sharing data on computer networks, of course, is
accessing files and folders stored on networked systems or central file
servers, such as Windows Server 2008 R2 file servers.

As data storage needs and
computer services have evolved in the past 20 or so years, many
different methods have become available to present, access, secure, and
manage data. As an example, data can be accessed through a web browser;
by accessing data stored on external storage media, such as USB drives,
floppy disks, CDs, and DVDs; and by accessing data stored on any of the
different types of media for the many different operating systems,
network storage devices, and file systems available.

Windows Server 2008 R2 File
System Overview/Technologies

Windows Server 2008 R2
provides many services that can be leveraged to deploy a highly
reliable, manageable, and fault-tolerant file system infrastructure.

Windows Volume and
Partition Formats

When
a new disk is added to a Windows Server 2008 R2 system, it must be
configured by choosing what type of disk, type of volume, and volume
format type will be used. To introduce some of the file system services
available in Windows Server 2008 R2, you must understand a disk’s volume
partition format types.

Windows Server 2008 R2
enables administrators to format Windows disk volumes by choosing either
the file allocation table (FAT) format, FAT32 format, or NT File System
(NTFS) format. FAT-formatted partitions are legacy-type partitions used
by older operating systems and floppy disk drives and are limited to
2GB in size. FAT32 is an enhanced version of FAT that can accommodate
partitions up to 2TB and is more resilient to disk corruption. Data
stored on FAT or FAT32 partitions is not secure and does not provide
many features. NTFS-formatted partitions have been available since
Windows NT 3.51 and provide administrators with the ability to secure
files and folders, as well as the ability to leverage many of the
services provided with Windows Server 2008 R2.

NTFS-Formatted
Partition Features

NTFS enables many
features that can be leveraged to provide a highly reliable, scalable,
secure, and manageable file system. Base features of NTFS-formatted
partitions include support for large volumes, configuring permissions or
restricting access to sets of data, compressing or encrypting data,
configuring per-user storage quotas on entire partitions and/or specific
folders, and file classification tagging.

Several Windows services
require NTFS volumes; as a best practice, we recommend that all
partitions created on Windows Server 2008 R2 systems are formatted using
NT File System (NTFS).

File System Quotas

File system quotas
enable administrators to configure storage thresholds on particular sets
of data stored on server NTFS volumes. This can be handy in preventing
users from inadvertently filling up a server drive or taking up more
space than is designated for them. Also, quotas can be used in hosting
scenarios where a single storage system is shared between departments or
organizations and storage space is allocated based on subscription or
company standards.

The Windows Server 2008 R2
file system quota service provides more functionality than was included
in versions older that Windows Server 2008. Introduced in Windows 2000
Server as an included service, quotas could be enabled and managed at
the volume level only. This did not provide granular control;
furthermore, because it was at the volume level, to deploy a functional
quota-managed file system, administrators were required to create
several volumes with different quota settings. Windows Server 2003 also
included the volume-managed quota system, and some limitations or issues
with this system included the fact that data size was not calculated in
real time. This resulted in users exceeding their quota threshold after
a large copy was completed.

Windows Server 2008
and Windows Server 2008 R2 include the volume-level quota management
feature but also can be configured to enable and/or enforce quotas at
the folder level on any particular NTFS volume using the File Server
Resource Manager service. Included with this service is the ability to
screen out certain file types, as well as real-time calculation of file
copies to stop operations that would exceed quotas thresholds. Reporting
and notifications regarding quotas can also be configured to inform end
users and administrators during scheduled intervals, when nearing a
quota threshold, or when the threshold is actually reached.

Data Compression

NTFS volumes support
data compression, and administrators can enable this functionality at
the volume level, allowing users to compress data at the folder and file
level. Data compression reduces the required storage space for data.
Data compression, however, does have some limitations, as follows:

• Additional load is
  placed on the system during read, write, and compression and
  decompression operations.

• Compressed data
  cannot be encrypted.

Data Encryption

NTFS volumes support the
ability for users and administrators to encrypt the entire volume, a
folder, or a single file. This provides a higher level of security for
data. If the disk, workstation, or server the encrypted data is stored
on is stolen or lost, the encrypted data cannot be accessed. Enabling,
supporting, and using data encryption on Windows volumes and Active
Directory domains needs to be considered carefully as there are
administrative functions and basic user issues that can cause the
inability to access previously encrypted data.

File Screening

File screening enables
administrators to define the types of files that can be saved within a
Windows volume and folder. With a file screen template enabled, all file
write or save operations are intercepted and screened and only files
that pass the file screen policy are allowed to be saved to that
particular volume or folder. The one implication with the file screening
functionality is that if a new file screening template is applied to an
existing volume, files that would normally not be allowed on the volume
would not be removed if they are already stored on it. 

File Classification
Infrastructure

Windows Server 2008 R2
includes a new feature called the File Classification Infrastructure
(FCI). The FCI enables administrators to create classification policies
that can be used to identify files and tag or classify files according
to properties and policies defined by the file server administrators.
FCI can be managed by using the File Server Resource Manager console and allows for file
server administrators to identify files and classify these files by
setting specific FCI property values to these files based on the folder
they are stored in and/or based on the content stored within the file
itself. When a file is classified by FCI, if the file is a Microsoft
Office file, the FCI information is stored within the file itself and
follows the file wherever it is copied or moved to. If the file is a
different type of file, the FCI information is stored within the NTFS
volume itself, but the FCI information follows the file to any location
it is copied or moved to, provided that the destination is an NTFS
volume hosted on a Windows Server 2008 R2 system.

Volume Shadow Copy
Service (VSS)

Windows Server 2003
introduced a file system service called the Volume Shadow Copy Service
(VSS). The VSS enables administrators and third-party independent
software vendors to take snapshots of the file system to allow for
faster backups and, in some cases, point-in-time recovery without the
need to access backup media. VSS copies of a volume can also be mounted
and accessed just like another Windows volume if that should become
necessary.

Shadow Copies of Shared
Folders

Volume shadow copies of
shared folders can be enabled on Windows volumes to allow administrators
and end users to recover data deleted from a network share without
having to restore from backup. The shadow copy runs on a scheduled basis
and takes a snapshot copy of the data currently stored in the volume.
In previous versions of Windows prior to Windows Server 2003, if a user
mistakenly deleted data in a network shared folder, it was immediately
deleted from the server and the data had to be restored from backup. A
Windows Server 2003, Windows Server 2008, or Windows Server 2008 R2 NTFS
volume that has shadow copies enabled allows a user with the correct
permissions to restore deleted or overwritten data from a previously
stored shadow copy backup. It is important to note that shadow copies
are stored on local volumes and if the volume hosting the shadow copy
becomes inaccessible or corrupted, so does the shadow copy. Shadow
copies are not a replacement for backups and should not be considered a
disaster recovery tool.

Volume Shadow Copy
Service Backup

The Volume Shadow Copy
Service in Windows Server 2008 R2 also provides the ability for Windows
Backup and third-party software vendors to utilize this technology to
improve backup performance and integrity. A VSS-compatible backup
program can call on the Volume Shadow Copy Service to create a shadow
copy of a particular volume or database, and then the backup can be
created using that shadow copy. A benefit of utilizing VSS-aware backups
is that the reliability and performance of the backup is increased as
the backup window will be shorter and the load on the system disk will
be reduced during the backup.

Remote Storage Service
(RSS)

The
Remote Storage Service was included with Windows 2000 Server and
Windows Server 2003. The Remote Storage Service enables administrators
to migrate or archive data to lower-cost, slower disks or tape media to
reduce the required storage space on file servers.

This service, however, has
been discontinued in Windows Server 2008 and is not included in Windows
Server 2008 R2 either. Many organizations that required this sort of
functionality have turned to third-party vendors to provide this type of
hierarchical storage management. However, the New File Management Tasks
node within the File Server Resource Manager console provides a
function that allows administrators to schedule processes that will
report on files that might be candidates for moving to alternate storage
through a function called file expiration. This can be configured to
notify both administrators and end-user file owners of upcoming files
that will be expired and moved to alternate volumes. One main
difference, however, is that file expiration does not leave a link in
the original file location as the Remote Storage Service previously did. 

Distributed File System
(DFS)

As the file services needs of an
organization change, it can be a challenging task for administrators to
design a migration plan to support the new requirements. In many cases
when file servers need additional space or need to be replaced,
extensive migration time frames, scheduled outages, and, sometimes,
heavy user impact results.

In an effort to create
highly available file services that reduce end-user impact and simplify
file server management, Windows Server 2008 R2 includes the Distributed
File System (DFS) service. DFS provides access to file data from a
single namespace that can be used to represent a single server or a
number of servers that store different sets or replicated sets of the
same data. For example, when using DFS in an Active Directory domain, a
DFS namespace named \\companyabc.com\UserShares
could redirect users to \\Server10\UserShares
or to a replicated copy of the data stored at \\Server20\UserShares.

Users and administrators
both can benefit from DFS because they only need to remember a single
server or domain name to locate all the necessary file shares.

Distributed File System
Replication (DFSR)

With
the release of Windows 2003 R2 and continuing with Windows Server 2008
and Windows Server 2008 R2, DFS has now been upgraded. In previous
versions, DFS Replication was performed by the File Replication Service
(FRS). Starting with Windows Server 2003 R2, DFS Replication is now
performed by the Distributed File System Replication service, or DFSR.
DFSR uses the Remote Differential Compression (RDC) protocol to
replicate data. The RDC protocol improves upon FRS with better
replication stability, more granular administrative control, and
additional replication and access options. Also, starting with Windows
Server 2008 R2, RDC improves replication by only replicating the
portions of files that have changed, as opposed to replicating the
entire file, and replication can now be secured in transmission. 

File System Management
Tools

Windows Server 2008 R2
provides several tools administrators can leverage to manage Windows
Server 2008 R2 file servers. Administrators can install these tools on
Windows Server 2008 R2 systems by adding the File Services tools feature
to the system. The File Services tools can be added by invoking the Add
Features applet located in Server Manager. The tools are located in the
Add Features, Remote Server Administration Tools, Role Administration
Tools hierarchy. The File Services tools installed in this group include
the following:

• Distributed File System tools

• File Server Resource Manager
  tools

• Services
  for Network File System tools

File System Monitoring
and Reporting

Windows Server 2008 R2
includes the ability for administrators to enable automated monitoring
and reporting of the file system. This includes reporting on storage and
quota usage, file screening, file group by types as well as owners, and
file properties. Also, new to Windows Server 2008 R2 is the ability to
produce reports on file classification and file expiration file
management tasks. 

Windows 7 / Networking

Windows Server 2008 R2 provides many services that can be leveraged to deploy a highly reliable, manageable, and
fault-tolerant file system infrastructure. This section of the tutorial provides an overview of these services.

Windows Volume and Partition Formats

When a new disk is added to a Windows Server 2008 R2 system, it must be configured by
choosing what type of disk, type of volume, and volume format type will be used. To
introduce some of the file system services available in Windows Server 2008 R2, you must
understand a disk’s volume partition format types.

Windows Server 2008 R2 enables administrators to format Windows disk volumes by
choosing either the file allocation table (FAT) format, FAT32 format, or NT File System
(NTFS) format. FAT-formatted partitions are legacy-type partitions used by older operating
systems and floppy disk drives and are limited to 2GB in size. FAT32 is an enhanced
version of FAT that can accommodate partitions up to 2TB and is more resilient to disk
corruption. Data stored on FAT or FAT32 partitions is not secure and does not provide
many features. NTFS-formatted partitions have been available since Windows NT 3.51 and
provide administrators with the ability to secure files and folders, as well as the ability to
leverage many of the services provided with Windows Server 2008 R2.

NTFS-Formatted Partition Features

NTFS enables many features that can be leveraged to provide a highly reliable, scalable,
secure, and manageable file system. Base features of NTFS-formatted partitions include
support for large volumes, configuring permissions or restricting access to sets of data,
compressing or encrypting data, configuring per-user storage quotas on entire partitions
and/or specific folders, and file classification tagging, which is discussed later in this tutorial.
Several Windows services require NTFS volumes; as a best practice, we recommend that
all partitions created on Windows Server 2008 R2 systems are formatted using NT File System (NTFS).

File System Quotas

File system quotas enable administrators to configure storage thresholds on particular sets
of data stored on server NTFS volumes. This can be handy in preventing users from inadvertently
filling up a server drive or taking up more space than is designated for them.
Also, quotas can be used in hosting scenarios where a single storage system is shared
between departments or organizations and storage space is allocated based on subscription or company standards.

The Windows Server 2008 R2 file system quota service provides more functionality than
was included in versions older that Windows Server 2008. Introduced in Windows 2000
Server as an included service, quotas could be enabled and managed at the volume level
only. This did not provide granular control; furthermore, because it was at the volume
level, to deploy a functional quota-managed file system, administrators were required to
create several volumes with different quota settings. Windows Server 2003 also included
the volume-managed quota system, and some limitations or issues with this system
included the fact that data size was not calculated in real time. This resulted in users
exceeding their quota threshold after a large copy was completed.

Windows Server 2008 and Windows Server 2008 R2 include the volume-level quota
management feature but also can be configured to enable and/or enforce quotas at the
folder level on any particular NTFS volume using the File Server Resource Manager service.
Included with this service is the ability to screen out certain file types, as well as real-time
calculation of file copies to stop operations that would exceed quotas thresholds.
Reporting and notifications regarding quotas can also be configured to inform end users
and administrators during scheduled intervals, when nearing a quota threshold, or when the threshold is actually reached.

Data Compression

NTFS volumes support data compression, and administrators can enable this functionality
at the volume level, allowing users to compress data at the folder and file level. Data
compression reduces the required storage space for data. Data compression, however, does have some limitations, as follows:

• Additional load is placed on the system during read, write, and compression and decompression operations.
• Compressed data cannot be encrypted.

Data Encryption

NTFS volumes support the ability for users and administrators to encrypt the entire
volume, a folder, or a single file. This provides a higher level of security for data. If the
disk, workstation, or server the encrypted data is stored on is stolen or lost, the encrypted
data cannot be accessed. Enabling, supporting, and using data encryption on Windows
volumes and Active Directory domains needs to be considered carefully as there are
administrative functions and basic user issues that can cause the inability to access previously encrypted data.

File Screening

File screening enables administrators to define the types of files that can be saved within a
Windows volume and folder. With a file screen template enabled, all file write or save
operations are intercepted and screened and only files that pass the file screen policy are
allowed to be saved to that particular volume or folder. The one implication with the file
screening functionality is that if a new file screening template is applied to an existing
volume, files that would normally not be allowed on the volume would not be removed if
they are already stored on it. File screening is a function of the File Server Resource
Manager service, covered in the «File Server Resource Manager (FSRM)» section later in this tutorial.