Please read the following notes carefully before deploying the read-only replicated folders feature.
a) Feature applicability: The read-only replicated folders feature is available only on replication member servers which are running Windows Server 2008 R2. In other words, it is not possible to configure a replicated folder to be read-only on a member server running either Windows Server 2003 R2 or Windows Server 2008.
b) Backwards compatibility: Only the server hosting read-only replicated folders needs to be running Windows Server 2008 R2. The member server that hosts a read-only replicated folder can replicate with partners that are on Windows Server 2003 or Windows Server 2008. However, to configure and administer a replication group that has a read-only replicated folder, you need to use the DFS Management MMC snap-in on Windows Server 2008 R2.
c) Administration of read-only replicated folders: In order to configure a replicated folder as read-only replicated folder, you need to use the DFS Management MMC snap-in on Windows Server 2008 R2. Older versions of the snap-in (available on Windows Server 2003 R2 or Windows Server 2008) cannot configure or manage a read-only replicated folder. In other words, these snap-ins will not display the option to mark a replicated folder ‘read-only’.
d) Schema updates: If you have an older version of the schema (pre-Windows Server 2008), you will need to update your Active Directory schema to include the DFS Replication schema extensions for Windows Server 2008. Details regarding how to do so are given below:
The read-only replicated folders feature depends on the ‘msDFSR-ReadOnly’ flag in Active Directory. This flag is available as part of the Windows Server 2008 schema.
A detailed list of the schema extensions for the DFS Replication service can be found at: http://blogs.technet.com/askds/archive/2008/07/02/what-are-the-schema-extension-requirements-for-running-windows-server-2008-dfsr.aspx
There are no schema extensions for the DFS Replication service in the Windows Server 2008 R2 release. The rest of this discussion assumes that the Active Directory schema has been updated to include the Windows Server 2008 schema updates for DFS Replication.
1. Configuring a new read-only replicated folder
First of all, let’s take a look at how to configure a folder for replication between a couple of member servers. We will configure a folder containing reports to be replicated from Contoso’s hub server to the server in the sales office. The replicated folder will be configured as a read-only replicated folder on the sales office member server. The steps to create a new replication group are listed below.
The only difference (while configuring a read-only replicated folder) is that a check-box needs to be enabled while selecting the path of the replicated folder on the read-only member. This change is explained in Step 10 below.
Step 1: Launch the DFS Management Console (on Windows Server 2008 R2 member).
The DFS Management console (dfsmgmt.msc) is an MMC snap-in that can be used to configure and manage DFS Namespaces as well as DFS Replication.
Select ‘Replication’ in the left hand side pane in order to configure and manage DFS Replication. The ‘Actions’ pane on the right can be used to configure replication groups and folders that need to be replicated using DFS Replication.
Step 2: Click on the ‘New Replication Group…’ action.
In the ‘Actions’ pane on the right, click on ‘New Replication Group…’. This launches the‘New Replication Group Wizard’, which is illustrated in the below screenshot. The wizard walks through a set of operations that need to be performed while configuring the new replication group.
Step 3: Select the type of replication group.
First of all, select the type of replication group to be created. The ‘Multipurpose replication group’ can be used to configure custom replication topologies. This type of replication group can be used to create replication topologies such as ‘hub and spoke’ and ‘full mesh’. It is also possible to create a custom replication topology by first adding a set of servers to the replication group and then configuring custom connections between them to achieve the desired custom replication topology.
The second type of replication group (‘Replication group for data collection’) is a special type of replication topology and is used to add two servers to a replication group in such a way that a hub (destination) server can be configured to collect data from another branch server. Let’s select ‘Multipurpose replication group’.
Step 4: Select the name and domain for the replication group.
In the wizard page that follows, enter a name for the replication group as well as the domain in which to create the replication group.
Step 5: Add replication group members.
In the wizard page that follows, add the member servers between which data is to be replicated. We now select CONTOSO-HUB and CONTOSO-SALES as the replication member servers, as seen in the screenshot below.
Step 6: Configure the replication topology, replication schedule and bandwidth utilization.
In this wizard page, configure the desired connection topology for replication.
The ‘Hub and spoke’ option is available only when three or more replication member servers are selected. Therefore, it is grayed out in the below screenshot.
The ‘Full mesh’ connection topology connects every replication member server with all other members in the replication group. This usually works fine when there are 10 or fewer servers in the replication group.
The option ‘No topology’ can be selected in order to configure a custom connection topology. In this case, The connections between the servers need to be added so as to create the desired topology.
Since there are only two servers in the replication group and we want them to be connected to each other, we select ‘Full mesh’ as the connection topology.
A custom replication schedule and bandwidth throttling can also be configured. The default option configures the DFS Replication service to replicate continuously without any bandwidth restrictions.
However, it is also possible to configure replication to take place during specific time windows (such as, for example after office hours). This can be done by selecting the option ‘Replicate during the specified days and times’ and then selecting the replication schedule in the wizard page that is launched. For example, the below screenshot illustrates an example where replication has been configured using all available bandwidth between 6pm and 6am (after office hours).
Step 7: Configure the primary member in the replication group.
When the DFS Replication service conducts initial sync, this is the server which has the authoritative copy of the data. After the initial synchronization is complete, DFSR switches to multi-master replication mode and changes can be made on any of the replication member servers.
Therefore, while setting up replication, choose the member server that has the authoritative copy of the data for the replicated folder as primary. In this example, the hub server has been configured to be the primary member.
Note: Please note that while setting up replication, the replicated folder cannot be configured to be read-only on the primary member. This is because the authoritative copy of data must reside on a read-write member.
Step 8: Configure the replicated folder path on the primary member.
In the following screen, configure the local path to the replicated folder on the primary member. Remember that this screen allows you to configure the replicated folder path for the primary member in the replication group. Since the primary member contains the authoritative copy of data that is to be replicated to the other member(s) in the replication group, it is not possible to mark the replicated folder read-only for this member. If the path does not exist, then the DFS Management console will create it.
Step 9: Configure the path to the replicated folder on other replication member servers.
In the following screen, configure the replicated folder path for the remaining members in the replication group. By default, the membership of each of the replicated folders is set to Disabled. The membership status can be enabled by configuring the path to the replicated folder on the other members in the replication group.
In order to set the local path to the replicated folder on the remaining members and to enable the membership, click on the ‘Edit…’ button after selecting the member on which you want to set the path. In the dialog that appears, enter the local path to the replicated folder on the member.
Step 10: Configure the replicated folder to be read-only on desired members.
Notice that the dialog box which appears when the ‘Edit…’ button is clicked has an option to configure the replicated folder read-only on that member. First, select a local path for the replicated folder on this member server.
In order to configure the replicated folder to be read-only, select the check box ‘Make the selected replicated folder on this member read-only’.
That’s it. The replication group can now be created.
Remember that replication does not begin until the configuration settings for this new replication group have replicated to the domain controller that is polled for configuration information by the DFS Replication service on the replication group members. Therefore, there will be a delay corresponding to the time it takes for the configuration settings to replicate between domain controllers in the domain and the time taken for all replication member servers to receive these configuration changes from Active Directory.
Once the replication group has been configured, the membership status reflects which folders have been configured to be read-only. For example, in the below screenshot the replicated folder ‘C:\Reports’ has a membership status of ‘Enabled (read-only)’ on the member CONTOSO-SALES.
Configuring a read-only replicated folder to be read-write is as simple as selecting ‘Make read-write’ from the right click menu. Remember that this process will cause the DFS Replication service on the read-only member to rebuild its database before it switches to being read-write.
2. Configuring an existing replicated folder to be read-only
It is also possible to convert a read-write replicated folder to read-only at any point in time. In order to upgrade an existing replicated folder to be a read-only replicated folder, first upgrade the machine to Windows Server 2008 R2 and then follow the below steps to configure the replicated folder as a read-only replicated folder on that member.
Step 1: Launch the DFS Management Console (on WS2008 R2 member).
Launch the DFS Management snap-in and connect to the corresponding replication group. The below screenshot illustrates what to expect in the DFS Management console. The console displays the replicated folders and the member servers in the replication group.
The screenshot above shows that the replicated folder ‘Reports’ is currently configured to be read-write on both members of the replication group ‘ContosoReports’. In order to configure the replicated folder to be read-only on the member CONTOSO-SALES, follow the steps listed below.
Step 2: Configure the replicated folder to be read-only.
Select the member on which the replicated folder needs to be configured as read-only, right click and select ‘Make read-only’ in the right click menu.
After the replicated folder has been configured to be read-only on a particular member, the Membership status changes to ‘Enabled (read-only)’ for that member in the DFS Management MMC snap-in. This is how read-only replicated folders can be identified in the DFS Management snap-in. The DFS Replication service on the member which has this newly configured read-only replicated folder, notices this change the next time it polls Active Directory for configuration information. Thereafter, the replicated folder will begin to behave like a read-only replicated folder.