Active Directory and the Resilient File System (ReFS)
With Windows Server 2012, Microsoft introduces a new local file system, called Resilient File System (ReFS). This file system can be used as an alternative to NTFS, the file system we’ve come to love and use on our servers in the past years.
When it comes to Active Directory, however, you should be aware of a couple of issues.
What is ReFS?
The codename for the Resilient File System (ReFS) was the Protogon. ReFS is quite different from NTFS. Quoting the “Application Compatibility with ReFS” document from Microsoft, when used, ReFS offers the following capabilities:
- Integrity: ReFS stores data in a way that it is protected from many of the common errors that can cause data loss. File system metadata is always protected. Optionally, user data can be protected on a per-volume, per-directory, or per-file basis. If corruption occurs, ReFS can detect and, when configured with Storage Spaces, automatically correct the corruption. In the event of a system error, ReFS is designed to recover from that error rapidly, with no loss of user data.
- Availability: ReFS is designed to prioritize the availability of data. With ReFS, if corruption occurs, and it cannot be repaired automatically, the online salvage process is localized to the area of corruption, requiring no volume down-time.
- Scalability: As the amount and the size of the data we store in computers increases, it is critical to have a system that is designed with such data sets in mind. ReFS is designed for data sets sizes of today and the data set sizes of tomorrow, optimized for high scalability.
- Application Compatibility: To maximize AppCompat, ReFS supports a subset of NTFS features and Win32 APIs that are widely adopted.
- Proactive Error Identification: The integrity capabilities of ReFS are leveraged by a data integrity scanner (commonly known as a “scrubber”) that periodically scans the volume, attempting to identify latent corruption and then proactively triggering a repair of that corrupt data.
- Architectural Evolution: A new architecture allows ReFS to evolve in conjunction with new storage devices, new data types, and new access patterns, providing a file system platform for the future.
For more information on ReFS, see Building the next generation file system for Windows: ReFS.
What’s the impact of using ReFS?
From the official Microsoft documentation, ReFS sounds like the best thing since sliced bread; it makes your file systems resilient to disk corruptions, battles bit rot and elimates the (offline) use of chkdsk.exe.
You’d be tempted to select ReFS for the file system within the New Simple Volume Wizard, right? Luckily, the Volume Wizard doesn’t select ReFS as the default file system to format new volumes with. Also, by default your Windows Server installation does not reside on a ReFS-formatted volume.
General deployment considerations
The official documentation states two deployment considerations:
- ReFS is available only in Windows Server.
- ReFS can be configured only as a data volume; you cannot install an operating system on a ReFS volume or use it as a boot volume.
Active Directory considerations
On top of these two considerations, there are two more considerations when using ReFS in Active Directory environments:
- You cannot store the Active Directory database or the System Volume (SYSVOL) on a ReFS-formatted volume or disk.
- Dynamic Access Control (DAC) is not supported on ReFS.
Storing the Active Directory database and SYSVOL on ReFS
It is a best practice to store Active Directory files on a different disk, spindles or volumes than the disk, spindles or volumes the Operating System resides on.
Before choosing ReFS for a volume of disk on your proposed Windows Server 2012-based Domain Controllers, make sure you’re not going to use them as storage for the Active Directory database or the System Volume (SYSVOL). Use the NTFS file system for these volumes or disks.
Using Dynamic Access Control with ReFS
Also, when deploying Windows Server 2012-based File Servers, make sure you don’t format the volumes and disks containing group data with ReFS.
In the future, when you want to use fullblown Dynamic Access Control, you will need to migrate this data to a NTFS-formatted disk or volume first. As stated here, Dynamic Access Control is not supported on ReFS. You cannot apply Dynamic Access Control policies on files and folders hosted on ReFS-formatted disks and folders and you could only use claims inside the ACLs directly.
Building the next generation file system for Windows: ReFS
ReFS, Microsoft's next generation file system revealed
What The Hell Is WS2012 ReFS?
Microsoft's ReFS Filesystem for Windows 8 Server Explained
New Protogon file system in Windows 8 renamed to ReFS
The mystery of Windows 8's new 'Protogon' file system
Windows 8: New "Protogon" filesystem could be the next big thing
Storage GaGa - Protogon File System