Re: DFS , EFS and NTFRS

From: David Bowen (David_at_MyForest.Com)
Date: 11/25/03 

Date: Tue, 25 Nov 2003 01:25:17 -0000

Jill,

Thanks for the feedback and the link.

In my case there is only one server facing the world at large and so that
will be the only one that should be updated whilst I'm away. I could set it
to de-crypt "new" files each day and then re-encrypt them. That would
ensure they got moved to the remote machines in case the house burns down /
the server gets stolen. If I did this I'd need to figure out how to setup
encryption on the other servers so that the updated file could arrive OK.
This sounds like it's getting tricky.

My day job is writing systems and I know how frustrating it can be when you
see people in the real world doing very strange workarounds because they are
(ab)using a feature you created. It appears to be the way of the world.

In reality it'll probably be easier to setup XCopy for the small amount of
things that are likely to change whilst we're away. Something like a
scheduled task doing:

XCOPY /M /E /C /H /R /K /Y /Z \\Server1\DFSReplicaSet1
\\Server2\DFSReplicaSet1

or possibly:

XCOPY /D /E /C /H /R /K /Y /Z \\Server1\DFSReplicaSet1
\\Server2\DFSReplicaSet1

I can even freely XCopy into the "true" target location (my other DFS
Servers) as the USN updates won't fire. The only minor snag then is when I
get home and de-crypt everything (8GiB) which will cause my Wireless LAN to
light up for quite a while.

Thanks again.

David Bowen

>>

"Jill Zoeller [MSFT]" <jillz@online.microsoft.com> wrote in message
news:eWJtRDusDHA.424@TK2MSFTNGP11.phx.gbl...
David,

FRS monitors the USN journal to detect when files have changed. Once a file
is encrypted, FRS ignores all changes to the file. If you decrypt the file,
FRS does notice this change and will replicate the file. Unfortunately
there's no way that I know of to "trick" FRS into replicating encrypted
files.

For more information about how FRS works, see
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windowsserver2003/proddocs/techref/w2k3tr_frs_how.asp

<<

Relevant Pages

  • Re: GPOs cannot be saved because files being used by another proce
    ... Excessive Replication of FRS Data in Sysvol and DFS ... Check if FRS is currently running on the target server. ... Checking NtFrs related Registry Keys for possible problems...passed ...
    (microsoft.public.windows.server.active_directory)
  • Re: Operations Master Replication Issue Event ID 13562
    ... my understanding of this issue is: The FRS replica fails ... and you cannot transfer the FSMO to another server. ... seize the FSMO roles to other domain controller and then refer to KB312862 ... >> This server and others are having problems with replication. ...
    (microsoft.public.win2000.active_directory)
  • Re: * 1058 and 1030
    ... was from one of my DCs which was also a DNS server. ... > to "Replication", however, if you're having such issues ... FRS, File Replication ...
    (microsoft.public.windows.server.general)
  • Re: DCDiag error
    ... sysvol is shared and accessible on both DC's.. ... Check if FRS is currently running on the target server. ... Ntfrs is registered with the End-Point-Mapper on target server!)": ...
    (microsoft.public.win2000.active_directory)
  • RE: Windows Server 2003 service pack 1 issues
    ... For the most part here is a brief rundown on FRS... ... If FRS replication is broken you will get a journal wrap condition once the ... without looking at the events logs and FRS Diag logs. ... >> old server and see what event is the event at the top of the list. ...
    (microsoft.public.windows.server.active_directory)