BranchCache – Installation and Configuration

File Server Configuration for BranchCache

Now that BranchCache is installed on the file server, we will see how to configure it so that it can be used with cache servers.

Share configuration

In order to use BranchCache, each share must be configured.

A cache system has an interest in a file that is mostly read-only.

Through the server manager, go to the management of file and storage services in the Shares section. Right click on the share 1 where BranchCache must be activated and click Properties 2 .
Enable BranchCache on the share

Check the Enable branch cache (BranchCache) checkbox on file share 1 and validate by clicking Apply 2 and OK 3 .
Enable BranchCache on the share

Hash Publication for BranchCache

To work, the server has to publish a hash of the files present in the share to know if it is already present on the cache server. This hash is also used for security.

To enable publishing, we will put in place a Group Policy (GPO) that will be applied to a group whose file server is present.

If different shares on different servers are published with BranchCache, simply put the servers in the group for the GPO to apply.

On the domain controller, create a group that will contain the file servers.
Group for GPO

Create a Group Policy strategy at the root of the domain.

Edit the strategy by right clicking on 1 then click on Edit 2 .
Edit GPO

Go to the following location: Computer Configuration / Policy / Administrative Template / Network / Lanman Server and then double-click on the Hash Publication for BranchCache 1 to configure it.
Edit parameter

Choose the option Enabled 1 and set the option to 0: Allow the publication of hashes only for shared folders on which BranchCache is enabled 2 , validate the parameter by clicking the Apply buttons 3 and OK 4 .
Config gpo

The parameter is activated 1 and configure. Exit the Group Policy Management Editor.
configured strategy

In the Security Filtering portion of the policy, delete the Authenticated Users 1 group.
security filtering

Add the group dedicated to file servers 1 .
security filtering

The following manipulation is necessary so that the strategy can be read.

Go to the delegation tab 1 of the strategy, click on the button Add 2 . Select the group Authenticated Users 3 with read permission 4 and click OK 5 to validate.
GPO authorization

Restart the file server and ensure that the policy is applied to the gpresult / r command.