To avoid replication across satellite links, is there a correct procedure/best practice for introducing a large file or files (~6GB) at each partner server simultaneously from USB drive into replicated folders on an EXISTING active/production DFS servers with Replication enabled?  These are not new members/replication partners.

My initial thoughts are to disable replication for that folder on the partners, organise the copying of the files at each location, and when complete enable the replication again. Will this just result in CPU load and not content transfer?

Is there a better way of doing this?

My Personal Blog: http://madluka.wordpress.com

We are looking into migrating to DFS Namespaces but ran into an issue.

Is there a way to prevent users from moving the contents of a namespace folder (link) to another namespace folder within the same DFS namespace?
When viewing the namespace (\\domain.local\share\) and the shared folders within, users can move the contents by dragging and droping to a different share.

For example, consider this structure

\\domain.local\Share
-------- Folder1
-------- Folder2
-------- Folder3

Users can drag and drop Folder3 into Folder1. The Folder3 link stays there, but the contents (on which they have NTFS permissions) will be moved inside folder1. 

Accidental drag and drop happens and it can be a disaster on top level folders. 

On our old structure, using simple folder shares, accidental drag and drop has harmful effects. You only create a link inside the destination folder.

Hope someone can help me in finding a solution.

Thanks

Dear Server Expert,

We are using windows server 2008 as the file server. currently there are some folders that need to have different access right for different users.

For example:

A parent folder named "A" has a sub folder "B", "C", and "D". this is a dept folder. however, we would like to assign certain user to be able to access only folder "C" and the sub folder below C. Since the permission is inherited from "A" folder, now those specific users has the ability to access all folders under "A". Currently i want them to access be able to access only "C" folder but they can still go into the "C" folder from "A". Once inside the "A" folder, they can see see B, C, and D folder but able to access only "C". is it possible/

Thanks.

Hi

Please guide to for providing the Full access to be given user/group to read, write, edit, modify & update but prevented of deletion in Files and folders.

Regards, Md Ehteshamuddin Khan All the opinions expressed here is mine. This posting is provided "AS IS" with no warranties or guarantees and confers no rights.

Hello together,

we are running Windows Server 2012 R2 (Datacenter) with 12 Virtual Servers. We are already using the buildin Data-Deduplication Feature for our fileserver, but currently running short on the SSDs Hosting the VMs and VM-Harddisks.

So, I read a lot of different opinions when it Comes down to data-deduplication on drives that are hosting VMs and/or their harddisks.

- Some Posts are cleary recommending to use the dd-Feature, because - obviously - for running several virtual machines, there is a lot of redundancy in Terms of data. (Each of the 12 VMs is running Windows Server 2012 R2 itself)

- Other Posts are telling, that dd will cause Problems when applied to virtual machines (the drives Hosting the VMS)
(Personally I don't get the Point, cause you can configure the Age of data to be deduplicated - so any "live-data" such as swap-files should not be affected?!)

So, what's best practice? Use dd (on the host) for VMs or not?

We have a web application running on a windows server 2012 R2 server. This application worked on a previous server (we don’t have access to this anymore to look at the settings). The application has a section that allows a user to browse files on the network share using impersonation and this is the issue.

If the user logs onto the web server directly and accesses the service that user can browse the file share without any issues. Where the issue comes into play is if the user accesses the web app from there pc then IE reports an error. This error is misleading I think as it talks about ASP.NET but other areas show different results.

We know this is an issue with the impersonation because if in the website, Authentication, ASP.NET Impersonation to use a specific user rather than the authenticated user the file browsing works.

We have tried a lot of different things and have narrowed it down to being this impersonation issue.

When a user try’s through the application to access the network share and it fails I do not see it trying to access the file server. (We turned auditing on for the files and no fails from that server) What we do see is on the web server is the following errors:

Event code: 4011

Event message: An unhandled access exception has occurred.

Event time: 28/08/2015 15:16:23

Event time (UTC): 28/08/2015 14:16:23

Event ID: 0a67c0cd1bd7408080531d9e578a5d19

Event sequence: 8

Event occurrence: 1

Event detail code: 0

Application information:

    Application domain: /LM/W3SVC/1/ROOT/mims-1-130852449724574570

    Trust level: Full

    Application Virtual Path: /app

    Application Path: C:\inetpub\wwwroot\app\

    Machine name: WEBSERVER NAME

Process information:

    Process ID: 2748

    Process name: w3wp.exe

    Account name: Application pool domain account (also same thing in any other account mode)

Request information:

    Request URL: http://app/app/EasyShare.aspx?tab=1

    Request path: /app/EasyShare.aspx

    User host address: PC Address

    User: USER ACCOUNT

    Is authenticated: True

    Authentication Type: Negotiate

    Thread account name: Application pool domain account (also same thing in any other account mode)

Custom event details:

On the Web server I turned logon auditing on to see what was going on and can see the user is being impersonated:

Special privileges assigned to new logon.

Subject:

                Security ID:                            Domain\user

                Account Name:                     User

                Account Domain:                 Domain

                Logon ID:                               0x3FD5AE23

Privileges:                              SeSecurityPrivilege

                                                SeBackupPrivilege

                                                SeRestorePrivilege

                                                SeTakeOwnershipPrivilege

                                                SeDebugPrivilege

                                                SeSystemEnvironmentPrivilege

                                                SeLoadDriverPrivilege

                                                SeImpersonatePrivilege

Followed by:

An account was successfully logged on.

Subject:

                Security ID:                            NULL SID

                Account Name:                     -

                Account Domain:                 -

                Logon ID:                               0x0

Logon Type:                                          3

Impersonation Level:                            Impersonation

New Logon:

                Security ID:                            Domain\User

                Account Name:                     USER

                Account Domain:                 DOMAIN

                Logon ID:                               0x3FD5AE23

                Logon GUID:                          {00000000-0000-0000-0000-000000000000}

Process Information:

                Process ID:                             0x0

                Process Name:                      -

Network Information:

                Workstation Name:              PC

                Source Network Address:    -

                Source Port:                           -

Detailed Authentication Information:

                Logon Process:                     NtLmSsp

                Authentication Package:     NTLM

                Transited Services:                -

                Package Name (NTLM only):              NTLM V2

                Key Length:                           128

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The impersonation level field indicates the extent to which a process in the logon session can impersonate.

The authentication information fields provide detailed information about this specific logon request.

                - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.

                - Transited services indicate which intermediate services have participated in this logon request.

                - Package name indicates which sub-protocol was used among the NTLM protocols.

                - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.

But yet the user cannot access these file shares.

We have on the webserver in AD made sure it is trusted for delegation.

Now we are at a bit of a loss and everything we read keeps us going round in circles with no fix in sight, Hopefully one of you lovely chaps may be able to helpJ

DEAR TEAM

WE HAVE IBM SERVER IN OUR OFFICE IT'S RUNNING ON WINDOWS 2012 SERVER ALSO WE INSTALLED SQL SERVER.

WE DEPLOYED OUR SOFTWARE ON SERVER. I NEED SUGGESTION FROM YOU I HAVE TO TAKE ENTIRE SERVER BACKUP ON CLOUD OR NETWORK DEVICE. AT ANY COST I DON'T WANT LOSE MY DATA. WANT EVER PROBLEM COMES I HAVE TO RETRIEVE MY DATA.

Hi Masters,

I have TWO servers, server1 (2008 R2) and server2 (2012 R2),

On server1 I have (D:\Projects, E:\Projects and F:\Projects). I have only one drive on server2

I have created multiple DFSR replication groups and added one folder per group

Currently I am replicating all drives with DFSR from server1 (D:\Projects, E:\Projects and F:\Projects) to server 2 under single drive with multiple replication groups with different folder names (E:\D-Projects, E:\E-Projects and E:\F-Projects)

I am getting below error on DFSR replication while checking backlog from server2 to server1
-------------------------------------------------------------------------------------------------------------------------------------------------
C:\Windows\system32>dfsrdiag backlog /rgname:RG1 /rfname:Projects /smem:server2 /rmem:server1
[WARNING] Found 2 <DfsrReplicatedFolderConfig> objects with same ReplicationGroupGuid=724A1B84-0C17-4B98-992F-D33D16801909 and ReplicatedFolderName=projects; using first object.

No Backlog - member <server1> is in sync with partner <server2>

Operation Succeeded
------------------------------------------------------------------------------------------------------

I am not sure what this error means and how to resolve it

Not sure how to deal with this situation, Any help is highly appreciated please

Thank You

Thanks Best Regards Mahesh

Hello All,

We have a DFSR setup in our office. There are many servers having replicated folders in common HUB server.The HUB server is in cluster. All the replicated folders were in normal state before.All of sudden they went Initail Sync. We couldn't collect DFSR logs for that day,Since it happened mid night and we are new to DFSR.  The below are the events happened at that time

The node that had the role rebooted after that the role moved to another.We do not see Event ID 2212 or 2213 Events in Log.The below are the Events we see in DFSR log.

Squence 1:

Event ID 1206 - The DFS Replication service successfully contacted domain controller
Event ID 4010 - The DFS Replication service detected that the replicated folder at local path D:\Share\Dept1 has been removed from configuration. 
Event ID 3006 - The DFS Replication service has detected that replication group example.local\Dfs$\data\Dept1 was removed from the configuration. 
Event ID 2010 - The DFS Replication service has detected that all replicated folders on volume D: have been disabled or deleted
Event ID 9010 - The DFS Replication service successfully took the following failover cluster resource offline: 'DFSR D:\Share\Dept1'. No user action is required
Event ID 9003 - The DFS Replication service successfully deleted the following failover cluster resource: 'DFSR D:\Share\Dept1'. No user action is required

Sequence 2:

1206 - The DFS Replication service successfully contacted domain controller (DC FQDN) to access configuration information.
9008 - The DFS Replication service successfully brought the following failover cluster resource online: 'DFSR D:\Share\Dept1'. No user action is required. 
9000 - The DFS Replication service successfully created / updated the following failover cluster resource: 'DFSR D:\Share\Dept1'. No user action is required. 
4102 - The DFS Replication service initialized the replicated folder at local path D:\Share\Dept1 and is waiting to perform initial replication. The replicated folder will remain in this state until it has received replicated data, directly or indirectly, from the designated primary member

We are backing up the volume using a third party application.

After the reboot , we see Backup initiated and completed logs.Once backup completed on all Volume, VSS service shutdown due to idle time.Event ID (8224)

We see the below event in application log after VSS shutsdown

DFSRs (2108) \\.\D:\System Volume Information\DFSR\database_4750_5DCF_120A_53F2\dfsr.db: The database engine stopped the instance (0). 

Dirty Shutdown: 0 

Does this mean our DFSR shutdown dirty or not?

We are not sure why all of sudden DFSR started removing the configuration and reconfigured it.Then it went to initial sync.

Is this normal, if we move DFSR service from cluster node to another , will it recreate the configuration.What are the possibilities of triggering Event ID 4102.

Is it possible that Backup service might have corrupted DFSR database or VSS had done something?.

Please let me know if any of you went through the same issue

Thanks

Veejay

Hi,

I've an incredible problem with my shared folder file server (W2012 R2). It works "quite well", but sometimes (many times) you save a file (editing an existing one, or creating a new one), and that file... loses all NTFS security and ownership attributes! You cannot acces the file, nor assign new permission.

The only way to fix it is going locally on the server, take ownership using takeown (or GUI), then reassign permission to current user. After that, all the lost permissions come back!

The problem is from any client on the net, there are Win 8.1 and Win 10.

This is a nightmare that makes us crazy, please help!

Application:

• A ton of continuous writing.  We will do DVR like recording on multiple channels.
• A lot of reading for media streaming
• We would like some data protection in case of disk failures

We would like to do do a tiered storage with multiple SSDs and traditional HDDs.  Here are the questions:

• What is the best tiered storage set up?  Mirrored?  Parity?  Double Parity?
• Number of SSDs vs. number of HDDs?  We are thinking 16 bay head unit with 2 JBOD attachments with each up to 90 drives for total of 180 JBOD drives.
• Ideal mixture of SSDs vs. HDDs for best performance.

Thank you for any suggestion in advance!

Hi

I hope someone can offer some advice here. We have 2 Windows Server 2012 R2 DFS servers replicating a set of folders together with a namespace.

I've noticed that if I change the top-level folder permission then these are not replicated to the 2nd DFS server. Changing the NTFS permission on a subfolder does replicate. So for example, if I change the NTFS permission on \\domain.local\namespacefolder\share this is not replicated to the 2nd server.

Can someone confirm if this is expected behaviour or a bug as I was under the impression that NTFS permissions replicate regardless of what folder level it is?

Many thanks

Hi

i am getting

"Volume Shadow Copy Service information: The COM Server with CLSID {463948d2-035d-4d1d-9bfc-473fece07dab} and name HWPRV cannot be started. [0x80070005, Access is denied.
]

Operation:
   Creating instance of hardware provider
   Obtain a callable interface for this provider
   List interfaces for all providers supporting this context
   Query Shadow Copies

Context:
   Provider ID: {3f900f90-00e9-440e-873a-96ca5eb079e5}
   Provider ID: {3f900f90-00e9-440e-873a-96ca5eb079e5}
   Class ID: {463948d2-035d-4d1d-9bfc-473fece07dab}
   Snapshot Context: -1
   Snapshot Context: -1
   Execution Context: Coordinator"

errors, {463948d2-035d-4d1d-9bfc-473fece07dab} resolves to an AppID {9D884A48-0FB0-4833-AB70-A19405D58616}

=> WTSnapshotProvider

The Server 2012 has dedup going, McAfee AV, and IBM Trivoli TSM Backup s/w running. The last two likely to use shadow copies as well as the OS ?

=> Any ideas what the problem is or who is the process wanting to do this item ?

Under

HKEY LOCAL MACHINE\SYSTEM\CURRENT CONTROL SET\SERVICES\VSS\PROVIDERS

 there is 3 Microsoft names :

- Microsoft iSCSI Target VSS Hardware Provider
- Microsoft File Share Shadow Copy provider
- Microsoft Software Shadow Copy provider 1.0

NB: It is a vmware vCenter v5 VM but NO migration services etc are being requested, only the latest vmware tools installed.

Thanks

Hello.

I use Windows 2008 R2 file server and share my Drive D as a file server but when a user deleted a file from my share drive, It can;t move to the Recycle bin for recovery? 

How can I fix it?

Thank you.

Have recently set up an new windows 2012 r2 file server and now running some reports for the first time. I know there are lare files present by performing a search for large files but these do not get presented in the reports in FSRM. Where should I start my troubleshooting, are there any specific logs I can look at?

I have set up a report for a specific folder with large files in it via Storage Reports Management but get nothing in the report, no matter what I specify as size.

Any suggestions or ideas are welcome.

Thanks,

/M

I have a server in which stored the home directory files, I have since replaced it.  It's now taken offline and sitting idle.

I had redirected the my documents to their home folder.

Strange issues was when I browsed the folder I saw I directory full of My Document (folders) the only way I know which user it belongs to was to look at the security properties for each.

Anyhow I copied these files to the new home folders, on the new server which now appear as their users name ( I do notice mine has changed to "my Documents") so all except mine are under this particular username.

Problem is now my users are claiming much of their documents are out of date, this may have something do to "roaming" user profiles even though they are local.

I have a big problem now with lost files I've searched and searched and can't find them, I'm trying to revert to backup, in the mean time.

Would anyone know what may have happened or what is happening. I need to recover these files and prevent this from happening.

Thank You,

nambi

Hi,

I am running  clustered 2012 R2 file servers using DFS namspaces for simplified/consistent paths. The namespaces are domain-based 2008-level. I would like to be able to map a drive to \\domain\namespace\folder on users' computer, then use access-based enumeration to show them which folders they have access to.  Mapping the drive works fine, and read access works normally, but when users go to drag and drop or copy-paste files onto the mapped drive, they receive a message that:

"X:\ is unavailable. If the location is on this PC..."

I've replicated this on Windows 8, 8.1, and 10 and would probably have given up, expect that the copies work fine when using the network path in Explorer (not the drive letter), "network location, or when using the copy command from CMD or PowerShell, running as the same user. Users can also perform regular read-writes to files on the mapped drive. This makes me think that there is not a permissions issue but maybe something at the Explorer level. 

Any thoughts or insights would appreciated. Accomplishing this another way is certainly on the table. 

Thanks!
Matthew

Matthew

Hello,

I had 2 servers participating in a DFS namespace and recently added a 3rd server to it. I'm now ready to decommission the 2 shares on the first two servers, but I noticed that users are still accessing the files in these shares. I deleted these two server's target folder information last week, so only the 3rd server has been defined in the namespace since then.

The files in these shares get pushed to workstations via group policy and I've verified that they are referenced by the namespace in the group policy and not by servername\sharename. I also restarted the DFS services on one of the offending servers with no change.

Any ideas on why these files are still being opened on those servers no longer participating in the namespace?

Servers are Windows 2008 R2.

Thanks!

I need to examine a source machine to build a like target disk configuration. I have no problems until I create a dynamic disk allocated within a storage pool. E.g. -

    '100 GB raw disk' -> Storage Spaces -> 10 GB dynamic disk -> Disk 5 Partition 1 -> F:

I need an API way to map all 'real' disks to their logical volumes in detail. For basic disks in a storage pool, I can map all the way from the 'raw' disk to the volume and can replicate it.   For dynamic disks created within a storage pool, I can get to a MSFT_VirtualDisk easy enough, but the trail ends there.  MSFT_VirtualDiskToDisk only lists basic disks - the dynamic disks are missing.  There is not enough information within MSFT_VirtualDisk to relate to either MSFT_DISK or WIN32_Disk.  A query of MSFT_VirtualDiskToVirtualDisk is empty - no result rows.  There must be a connection somewhere as the disk manager sees the 'disk' come into existence.

Any ideas on how to make the last two jumps?  I cannot find anything useful in the Storage Management API (https://msdn.microsoft.com/en-us/library/windows/desktop/hh830612(v=vs.85).aspx). 

Thanks in advance,

Ed

PS - Yes, I know this is not the brightest disk configuration, but that is not my call to enforce, only to replicate.