No announcement yet.

Cross forrest DFS

  • Filter
  • Time
  • Show
Clear All
new posts

  • Cross forrest DFS

    Multiple Forest Considerations in Windows 2000 and Windows Server 2003:

    In that document it mentions:
    "When a user who is logged on to a computer that is joined to Forest B requests a file that is hosted by multiple DFS servers, the nearest one being a server that is joined to Forest A, the DFS server that is contacted for the download depends on whether site and subnet information for Forest A is available in Forest B. If the site of this DFS server is not specified in Forest B, then the file might be downloaded from an arbitrary (potentially remote) DFS server."

    The problem we have at the moment, is that site and subnet information is not synchronized between our 2 forrests. So when a user in forrest B requests a file from a DFS server in forrest A, they arent going to go to the closest DFS server.

    According to the MS articles I've read, the above included, the only way to resolve this is to mirror the site/subnet info across forrests.

    We use 192.x.x.x in forest B and 10.x.x.x in forest A - synchronzing these is mind numbing.

    User A authenticates with Forest A
    User B authenticates with Forest B

    We have delegations/root hints for name resolution across forrests in place.

    Is there a solution you can think of which gets around this somehow? So that we can somehow direct User A to a DFS server close to them, without synchronizing sites and the subnets across the 2 forrests?

    Some middleware app of sorts?

    If we just added the 192.x.x.x subnets from forest B into sites/services in forestA could that work? Or the other way around?

  • #2
    Re: Cross forrest DFS

    No workaround that I know of. I've been in that same boat about two years ago and we ended up creating the subnets from account forest in the resource forest (the one hosting the DFS) and mapping those subnets to sites.

    Exporting/importing the subnets is easy - you can use ldifde for this. Mapping the subnets to existing sites will require some manual work.
    Guy Teverovsky
    "Smith & Wesson - the original point and click interface"