Setup DFS Namespaces on Azure with Windows Server

Setup and install DFS on Azure on Windows Server 2022 or 2019.  The Distributed File System (DFS) is a service that enables you to organize distributed SMB file shares into a single, logically structured namespace.  DFS provides the flexibility to store files across multiple locations (both on-premises and in the cloud), while giving users a unified view of shared resources. With DFS Replication, you can synchronize files across multiple servers, ensuring redundancy and high availability. When deployed on Azure, DFS takes advantage of the clouds scalability, enabling seamless, secure, and redundant file sharing across geographically distributed environments.

Cloud DFS Azure

Install DFS Azure

Deploy DFS on Windows Server 2022 on Azure

______________________________________________________________________

Setup DFS on Windows

Deploy DFS on Windows Server 2019 on Azure

Setup DFS on Azure

Getting Started with DFS on Azure

Once you’ve deployed DFS on Windows server, the first step is to RDP into the new instance once it has fully booted up.  The following links explain how to connect the VM once it has finished being deployed:

 

 

Once logged in, you’re now ready to start setting up DFS according to your requirements:

Using DFS on Azure with Windows Server

Once you’ve logged in, you can proceed with setting up and managing DFS for shared files across your environment.

 

This guide will walk you through the basic steps to configure and use DFS Namespaces and DFS Replication on your Azure VM.

Step 1: Accessing the DFS Management Console

After installing DFS, you’ll manage it through the DFS Management Console.

 

  1. Log into your Azure VM running Windows Server 2022 / 2019.
  2. Open the Run dialog by pressing Windows + R.
  3. Type dfsmgmt.msc and press Enter to open the DFS Management Console.

 

Alternatively, you can access it through the Server Manager:

  • Open Server Manager > Tools > DFS Management.

Step 2: Creating a DFS Namespace

A DFS Namespace provides a virtual view of shared folders located across different servers, making it easier for users to access files without worrying about their physical location.

 

  1. In the DFS Management Console, right-click on Namespaces in the left pane and select New Namespace.

 

2. Select the host server:

    • Enter the name of the server that will host the namespace (this would be your Azure VM).

 

3. Name the namespace:

    • Choose a name for your namespace, such as CorpNamespace or SharedFiles.

 

4. Set the namespace type:

    • Choose whether you want to create a Domain-based namespace (recommended for redundancy and high availability) or a Stand-alone namespace (simpler setup, but no failover).

 

5. Create folders in the namespace:

    • After the namespace is created, you can right-click the namespace and choose New Folder to create shared folders that will be part of the DFS Namespace.
    • These folders are links to existing shared folders on your network or Azure VMs.

Step 3: Creating DFS Replication

DFS Replication is used to keep files in sync between multiple servers. This is especially useful when you have several Azure VMs across regions or availability zones, and you want to ensure data redundancy.

 

  1. In the DFS Management Console, right-click on Replication in the left pane and select New Replication Group.

 

2. Choose the replication group type:

    • You can select Multipurpose replication group to replicate between two or more servers or Replication group for data collection if you’re replicating to a central location.

 

3. Enter replication group name and domain:

    • Name your replication group, for example, AzureFileReplication.

 

4. Select servers to include in the replication:

    • Add the Azure VMs (or other servers) that will participate in the replication. Each server should have the DFS Replication feature installed. Deploy new DFS servers using the DFS Azure image (Deployment Link above).

 

5. Configure folders to replicate:

    • Select the folder(s) you want to replicate. These should be shared folders on the servers.

 

6. Set replication topology:

    • Choose how data should be replicated (full mesh or hub and spoke). For most scenarios, Full Mesh works well as it allows all servers to replicate with each other.

7. Configure the schedule and bandwidth:

    • Set a replication schedule (e.g., continuous or limited to certain hours). You can also limit the bandwidth used for replication to avoid network saturation.

 

8. Review settings and finish:

    • Review the settings and click Create to finalize the replication group. The replication process will begin based on the configured schedule.

Step 4: Configuring Network and File Shares on Azure

When running DFS on an Azure VM, you need to ensure the appropriate networking configurations for accessing shared files across multiple Azure VMs or networks.

4.1 Configuring Network Security Groups (NSG)

To ensure proper communication between your VMs, adjust the Network Security Group (NSG) rules to allow traffic over the following ports used by DFS and SMB:

 

  • SMB (for file sharing): TCP 445
  • RPC for DFS: TCP 135
  • DFS Replication: TCP 5722
  • LDAP (if using domain-based namespaces): TCP/UDP 389

 

You can adjust the NSG rules from the Azure Portal:

 

  1. Navigate to the Network Security Group associated with your VM’s network interface.
  2. Add inbound rules to allow the ports mentioned above.

4.2 Setting Up File Sharing

Make sure that the folders you want to replicate or include in the DFS namespace are properly shared:

 

  1. Right-click the folder you want to share, and select Properties.
  2. Go to the Sharing tab and click Advanced Sharing.
  3. Enable Share this folder and set the appropriate permissions.

Step 5: Monitoring DFS Replication

Once DFS Replication is set up, you can monitor its status in the DFS Management Console.

 

  1. Open the DFS Management Console.
  2. Expand Replication, and select the Replication Group you created.
  3. Review the Replication Status in the Replication Group Status tab.

Step 6: Using DFS on Azure with Multiple VMs

You can set up DFS Namespaces and Replication across multiple Azure VMs to create a high-availability environment. Here’s how:

 

  1. Deploy additional DFS VMs: Create more Azure VMs across regions or availability zones using the Azure DFS Image (Deployment links above).
  2. Join the same domain: Ensure that these VMs are joined to the same Active Directory domain (if using a domain-based namespace).
  3. Add the VMs to DFS: Add these VMs as targets for your DFS namespace or replication group to ensure files are synchronized across all servers.
DFS Replication Members

Step 7: Disaster Recovery and High Availability

DFS provides built-in replication, which can serve as a simple disaster recovery solution in Azure. By replicating files across VMs located in different Azure regions, you ensure that data is always available, even if one VM goes down.

 

To further enhance availability, consider integrating DFS with other Azure services like Azure Backup for regular snapshots and backups.

Step 8: Integrating DFS with Azure Files (Optional)

Azure Files provides a fully managed, cloud-based file share that you can mount from Windows, Linux, or macOS systems. Integrating Azure Files with DFS Namespaces allows you to create a unified namespace that includes on-premises file servers and Azure file shares, offering seamless file access and synchronization between cloud and local environments.

 

Benefits of Using Azure Files with DFS:

 

  • Unified Access: Users can access on-premises file shares and Azure files through a single DFS namespace.
  • Scalability: Azure Files provides scalable storage, eliminating the need to manage large file servers.
  • Redundancy: DFS Replication, combined with Azure Files, ensures that files are synchronized and available in both cloud and on-premises environments.

How to Integrate DFS with Azure Files

8.1 Prerequisites

Before you integrate DFS with Azure Files, ensure you have the following:

 

  • Azure Storage Account with Azure Files enabled.
  • Azure File Share: Create an Azure File Share under the storage account.
  • Windows Server 2022 or 2019 with DFS installed on your Azure VM (using the Azure DFS Image, links above).
  • Appropriate Network Security Group (NSG) rules configured to allow traffic over SMB (port 445).

8.2 Create an Azure Storage Account

  1. Log into the Azure Portal and navigate to Storage Accounts.

 

2. Click Create and provide the necessary details:

    • Resource Group: Select or create a new one.
    • Storage Account Name: Name your storage account (e.g., mystorageaccount).
    • Region: Select the same region as your VM for performance optimization.
    • Performance: Choose between Standard and Premium based on your needs.

 

3. Click Review + Create and then Create.

8.3 Create an Azure File Share

  1. After the storage account is created, go to your storage account in the Azure portal.

2. Under the File shares section, click + File Share.

3. Name the file share (e.g., myfileshare) and specify the quota (size).

4. Click Create.

8.4 Mount the Azure File Share on the Azure VM

To mount the Azure file share on your Windows Server 2022 / 2019 VM, follow these steps:

 

  1. Get the connection string:
    • In the Azure Portal, navigate to the File Share you just created.
    • Click Connect at the top of the file share page.
    • Select the Windows tab, and you’ll see a PowerShell script that mounts the file share.

 

The script will look something like this:

				
					# Replace <StorageAccountName>, <FileShareName>, and <StorageAccountKey> with your actual values
net use Z: \\<StorageAccountName>.file.core.windows.net\<FileShareName> /user:<StorageAccountName> <StorageAccountKey>

				
			

2. Run the command to mount the file share:

				
					net use Z: \\mystorageaccount.file.core.windows.net\myfileshare /user:mystorageaccount <storage-account-key>

				
			

This will map the Azure File Share to drive Z: on your Windows VM.

8.5 Integrate Azure Files with DFS Namespace

Now that the Azure file share is mounted, you can add it to your DFS Namespace, allowing it to be part of a unified namespace alongside your local file servers.

 

  1. Open the DFS Management Console (dfsmgmt.msc) on your Azure VM.

 

2. Right-click your DFS Namespace (or create a new one) and select New Folder.

 

3. Name the folder: This will be the name of the folder within your namespace (e.g., AzureFiles).

 

4. Add the folder target: In the Add Folder Target section, point to the mounted Azure file share:

    • Target path: Z:\ (or whatever drive letter you used to mount the Azure file share).

 

5. Click OK to add the folder target.

 

The Azure file share is now part of your DFS Namespace, allowing users to access the file share as part of a unified namespace along with on-premises file shares.

Step 9: Managing Azure Files with DFS Replication (Optional)

While DFS Replication does not natively support Azure Files (since Azure Files is a managed cloud service), you can still use DFS Namespaces to integrate on-premises and cloud file shares. If you want to replicate files between Azure VMs and on-premises servers, consider using a hybrid architecture with both DFS Replication and Azure Files.

 

Hybrid DFS Replication with Azure Files (Alternative Approach):

 

  1. DFS Replication can synchronize files across multiple on-premises or Azure-based servers (if they use local file storage).
  2. Azure Files can be used to provide a central cloud-based file repository accessible through the same DFS Namespace, without DFS Replication.

 

If replication between Azure VMs is required, you would typically use DFS Replication to handle synchronization between on-premises servers and Azure VMs, while Azure Files acts as a separate cloud-based file share in your namespace for users to access remotely.

Firewall Ports

Distributed File System (DFS), particularly DFS Namespaces and DFS Replication, relies on several network ports for communication. Here is a breakdown of the ports used by DFS:

1. DFS Namespaces (DFS-N):

  • Port 445 (SMB): This port is used for SMB (Server Message Block) communication, which allows DFS to provide access to shared files and folders over the network.
  • Port 135 (RPC): Remote Procedure Call (RPC) is used for initial communications to manage DFS Namespaces.
  • Dynamic RPC Ports (1024–65535): DFS uses dynamic ports for RPC communication. Once the initial connection is established over port 135, a dynamic port is assigned for subsequent communication.

2. DFS Replication (DFS-R):

Port 5722 (DFS Replication Service): DFS Replication uses this port for file replication between servers. Ensure that this port is open on all participating servers to allow replication to occur.

3. Active Directory and LDAP (for domain-based namespaces):

If you are using domain-based namespaces, DFS also depends on communication with Active Directory:

 

  • Port 389 (LDAP): Lightweight Directory Access Protocol (LDAP) is used to communicate with Active Directory for namespace and replication group information.
  • Port 636 (LDAPS): This is the secure version of LDAP, used if your environment requires encrypted LDAP traffic.
  • Port 53 (DNS): Domain Name System (DNS) queries for locating DFS servers.
  • Port 3268 (Global Catalog): This port is used by DFS for global catalog communication when accessing domain-based namespaces.

Summary of DFS Ports:

  • Port 445 (SMB): File sharing and folder access.
  • Port 135 (RPC): Initial DFS Namespace communications.
  • Dynamic RPC Ports (1024–65535): Used for ongoing RPC communication.
  • Port 5722: DFS Replication Service.
  • Port 389 (LDAP): Communication with Active Directory for domain-based namespaces.
  • Port 636 (LDAPS): Secure LDAP communication (optional).
  • Port 53 (DNS): DNS resolution for DFS servers.
  • Port 3268 (Global Catalog): Communication with the global catalog (domain-based namespaces).

If you’re currently running Azure Network Security groups refer to the following to allow these ports for your VM:

 

To setup Azure firewall rules refer to – Azure Network Security Groups

Documentation / Support

For further tutorials and documentation, refer to the official documentation on the following link:

 

https://learn.microsoft.com/en-us/windows-server/storage/dfs-namespaces/dfs-overview

 

For any support regarding running DFS on Azure, please contact us for assistance with any questions you have.

Avatar for Andrew Fitzgerald
Andrew Fitzgerald

Cloud Solution Architect. Helping customers transform their business to the cloud. 20 years experience working in complex infrastructure environments and a Microsoft Certified Solutions Expert on everything Cloud.

0 0 votes
Article Rating
Subscribe
Notify of
0 Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x