Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Folder redirection and roaming user profiles on SAN or NAS?

  • Please log in to reply
1 reply to this topic

#1 _Guess_Who_


  • Members
  • 13 posts
  • Gender:Male
  • Local time:08:39 AM

Posted 10 June 2016 - 08:39 AM

I am underway deploying Microsoft Windows Server 2012 R2 with active directory role. We will be using “folder redirection” and “Roaming user profiles”. Given that there are over 200 users in this office. Following are my questions:

1. According to my understanding a SAN is preferred over NAS. Because a SAN will enable ACL permissions to be set by the server. Is this correct? Or is NAS a better options and will allow use of ACLs ? Which one of these is recommended?

2. I have little knowledge about this, however what is the recommended physical connection between the storage and the server? A iSCASI or Fiber channel? Is there a better mode of connections?
Are there any other consideration when deploying folder redirection and roaming user profiles over NAS or SAN?

3. I have a SAN storage with FC, FCoE, NFS, CIFS, iSCSI protocol support. Which is the best option to take?

Thanking you in anticipation.


BC AdBot (Login to Remove)


#2 androbourne


  • Members
  • 25 posts
  • Local time:03:39 PM

Posted 14 June 2016 - 04:27 PM

If you already have a SAN, I would recommend it over a NAS for sure.


Unless you purchase an expensive NAS. Typically, even a low budget SAN will out perform the NAS. It comes down to hardware, NICs, Disk types for storage (SAS vs SATA), Raid types etc...


For my enterprise clients, I have them use something such as an MSA2040 SAN in a Raid 50 with SAS drives and also have them purchase a Synology NAS we use for backup storage.


As for ACL, you will want to go with a SAN with an iSCSI connection to the DC as the DC will believe that is a local resource and you will be able to configure ACL such as Windows Security or Sharing Permissions straight from the DC as you would any other file/folder.


If you do go with the SAN. I would recommend you use FC connections (Fiber Channel) as it's reliable and very quick. FC is the type of connection you will most likely want to use between the switches and the SAN for communication. iSCSI is another beast. iSCSI is the connection you will most likely use between the SAN storage and the devices that require access to said storage. (unless you have FC NICs for your devices) You would use both FC to configure and setup the SAN to Switch then iSCSI to connect the SAN storage to the devices requiring that connection (if needed).


I can think of two options in your case.


Configure the SAN with FC connections to the switches. Then create an iSCSI connection on the SAN and use iSCSI initiator to connect that to your DC where your AD profiles already reside. When you configure your profile redirection, you can choice a location to save it on the "X drive" of the DC which is actually the SAN storage.




You can simply create a share within the SAN UI and when performing your profile redirection policy, point it to the share on the SAN. However, I don't recommend this option. For once I don't think it will give you the ACL controls you are looking for and you will get more reliability and performance with iSCSI connection to the DC where the profiles reside. (as iSCSI does brick level transferring)


Things to consider when deploying folder redirection.



What are you planning on redirecting?


Are you planning on a full profile redirection or just my documents? etc... plan this out ahead of time


How reliable is the network? Do you have any networking issues or getting power surges\brown out on a normal bases? Are there laptops on the network?


I ask these questions because if the server or SAN ever losses connection to the workstations, you will not be able to load the profile to the workstation. It will load just a blank profile. If this is the case you may want to think about enabling "offline files" in Sync Center after you have deployed folder redirection. This saves a cached copy of the profile to the workstation in case out outages or removals from office (such as laptops) and next time it reconnects to the server, it will perform a profile sync. This way they can still function if the server, SAN or power is out.


I only recommend using offline files if truly needed. It is best practice to leave it off as the sync requests\conflicts can cause slowness and problems on the network. You really only want to use it with devices that will be leaving your office such as laptops etc...


Storage, how much do you have on the SAN? Is it enough to account for future expansion?


This is pretty important. If the company expands, is there enough storage to hold those new accounts? What about profile data sizes? These things will only grow throughout time. I recommend as least trying to calculate for 3+ years at rapid expansion rates to ensure you future proof yourself.


That is what I can think of off the top of my head. Hope that helps guide you in the right direction!

Edited by androbourne, 15 June 2016 - 07:13 AM.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users